Post Status Notifier Lite, CVE-2022-4325

CVE, Research URL: CVE-2022-4325
Home page URL: Security reports for Post Status Notifier Lite
Application: Post Status Notifier Lite
Published on: Jan 10, 2023
Research Description: The Post Status Notifier Lite WordPress plugin before 1.10.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high privilege users such as admin.
Affected versions: Min -, max 1.10.1.
Status: vulnerable