← Back to CVE List

CVE-2022-4310

Published: 2023-01-09T23:15Z
Last Modified: 2025-04-09T20:15Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs > MITRE Terms of Use apply – see LICENSE‑MITRE.txt