cleantalk
Vulnerabilities and Security Researches

Anti-Malware Security and Brute-Force Firewall, CVE-2022-0953

CVE, Research URL

CVE-2022-0953

Home page URL

Security reports for Anti-Malware Security and Brute-Force Firewall

Application

Anti-Malware Security and Brute-Force Firewall

Published on
Apr 25, 2022
Research Description
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters
Affected versions
Min -, max 4.15.20.
Status
vulnerable
Previous vulnerability researches
Anti-Malware Security and Brute-Force Firewall (CVE-2022-2599) , Jun 06, 2024
Anti-Malware Security and Brute-Force Firewall (CVE-2021-25101) , Jun 06, 2024
Anti-Malware Security and Brute-Force Firewall (CVE-2022-4327) , Jun 06, 2024
Anti-Malware Security and Brute-Force Firewall (CVE-2022-0953) , Jun 06, 2024
Anti-Malware Security and Brute-Force Firewall (CVE-2024-22144) , Jun 06, 2024
New vulnerability
Contact Form 7 reCAPTCHA (CVE-2025-23972) , Jul 08, 2025
Easy Stripe (CVE-2025-49302) , Jul 08, 2025
Gallery Widget (CVE-2025-28969) , Jul 08, 2025
Contact Us Page – Contact People (CVE-2025-28967) , Jul 07, 2025
WP fancybox (CVE-2025-26591) , Jul 07, 2025