What the vulnerability does
01Description
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting
CVE-2022-1773
CVE-2022-1773: WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting
CVSS base score
—
Key dates
02Disclosure timeline
June 13, 2022
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-4728 Campcodes Legal Case Management System court cross site scripting
CVE-2025-59546 DNN Vulnerable to Stored XSS Using Backend Admin Credentials
CVE-2024-41663 Canarytoken "Cloned Website" Vulnerable to Stored Cross-Site Scripting
CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module
CVE-2023-48448 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)
