cleantalk
Vulnerabilities and Security Researches

WP Hide & Security Enhancer, CVE-2022-2538

CVE, Research URL

CVE-2022-2538

Home page URL

Security reports for WP Hide & Security Enhancer

Application

WP Hide & Security Enhancer

Published on
Aug 29, 2022
Research Description
The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting
Affected versions
Min -, max 1.8.
Status
vulnerable
Previous vulnerability researches
WP Hide & Security Enhancer (CVE-2022-2538) , Jun 06, 2024
WP Hide & Security Enhancer (5009dd48981ca7065310dbd9f6cb04bd5738c06b) , Jun 06, 2024
WP Hide & Security Enhancer (CVE-2024-11585) , Dec 07, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025