What the vulnerability does
01Description
The Database Peek WordPress plugin through 1.2 does not sanitize and escape the match parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
CVE-2022-0619
CVE-2022-0619: Database Peek <= 1.2 - Reflected Cross-Site Scripting
CVSS base score
—
Key dates
02Disclosure timeline
March 28, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-33159 Microsoft SharePoint Server Spoofing Vulnerability
CVE-2024-9148 Flowise Stored Cross-Site Scripting
CVE-2023-3681 Campcodes Retro Cellphone Online Store modal_add_product.php cross site scripting
CVE-2025-23657 WordPress WordPress-to-candidate for Salesforce CRM plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2022-1288 School Club Application System cross site scripting
