cleantalk
Vulnerabilities and Security Researches

WP Accessibility Helper (WAH), CVE-2022-0150

CVE, Research URL

CVE-2022-0150

Home page URL

Security reports for WP Accessibility Helper (WAH)

Application

WP Accessibility Helper (WAH)

Published on
Feb 28, 2022
Research Description
The WP Accessibility Helper (WAH) WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue
Affected versions
max 0.6.0.7.
Status
vulnerable
Previous vulnerability researches
WP Accessibility Helper (WAH) (CVE-2024-31423) , Jun 06, 2024
WP Accessibility Helper (WAH) (CVE-2022-0150) , Jun 06, 2024
WP Accessibility Helper (WAH) (CVE-2024-37926) , Jul 13, 2024
WP Accessibility Helper (WAH) (CVE-2024-5987) , Aug 29, 2024
WP Accessibility Helper (WAH) (CVE-2023-41869) , Jun 10, 2024
New vulnerability
CodeColorer (CVE-2026-4032) , Apr 17, 2026
VI: Include Post By (CVE-2026-5717) , Apr 17, 2026
Responsive Accordion Slider (CVE-2026-0635) , Apr 17, 2026
Petje.af (CVE-2026-4002) , Apr 17, 2026
LinkedIn SC (CVE-2026-0812) , Apr 17, 2026