CVE-2022-1269

CVE-2022-1269: Fast Flow < 1.2.12 - Reflected Cross-Site Scripting

Vendor Unknown

Product Fast Flow

Weakness CWE-79 · XSS

Published May 2, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Fast Flow WordPress plugin before 1.2.12 does not sanitise and escape the page parameter before outputting back in an attribute in an admin dashboard, leading to a Reflected Cross-Site Scripting

Key dates

02Disclosure timeline

May 2, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-1269 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2026-3343 WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI CVE-2021-24291 Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS) CVE-2024-11488 115cms web_user.html cross site scripting CVE-2025-11770 BrightTALK WordPress Shortcode <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-11805 Quick License Manager – WooCommerce Plugin <= 2.4.17 - Reflected Cross-Site Scripting