CVE-2022-1267

BMI BMR Calculator <= 1.3 - Reflected Cross-Site Scripting

EPSS 0.8%CWE-79

The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting

Affected products

Unknown · BMI BMR Calculator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/ed2971c2-b99c-4320-ac46-bea5a0a493ed