Find Slow Functions & Actions & Filters & Hooks (Debug Bar), 5ef43d72f656d2e9ea2af708f1348c463f9bc9c0
- CVE, Research URL
- Home page URL
-
Security reports for Find Slow Functions & Actions & Filters & Hooks (Debug Bar)
- Published on
- Aug 01, 2022
- Research Description
- Find Slow Functions & Actions & Filters & Hooks (Debug Bar) [debug-functions-time] < 1.41 Find Slow Functions & Actions & Filters & Hooks <= 1.40 - Reflected Cross-Site Scripting The Find Slow Functions & Actions & Filters & Hooks plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.40 due to the use of add_query_arg/remove_query_arg with insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages via a URL that executes if they can successfully trick a user into performing an action such as clicking on a link.
- Affected versions
-
max 1.41.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Elizaibots (CVE-2025-49893) , Aug 20, 2025 |
| Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026 |