← Back to CVE List

CVE-2022-3209

Published: 2022-10-10T21:15Z
Last Modified: 2024-11-21T07:19Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt