- Feb 5, 2023
- 1 min read

[WordPress ProfilePress Plugin](versions 4.4.1 and older) Vulnerability in Cross-Site Scripting (XS

Importance (CVSS3.0)

★★★★★★★☆☆☆ 7.1/ 10　 - High

Details

A Cross-Site Scripting(XSS) vulnerability was discovered in WordPress ProfilePress Plugin.

Therefore, malicious attackers can inject fraudulent scripts such as redirect, ads, and other HTML payload. This may be executed when guests visit the website.

Solutions

Update the WordPress ProfilePress Plugin to the newest version (4.5.4 and newer).

Source

CVE-2022-47444

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress ProfilePress Plugin](versions 4.4.1 and older) Vulnerability in Cross-Site Scripting (XSS)”, by WS Securityis licensed underCC BY 4.0.

Enterprise
Server Infrastructure
Management

Posts

[WordPress ProfilePress Plugin](versions 4.4.1 and older) Vulnerability in Cross-Site Scripting (XS

Recent Posts

Beyond GTA Inc.

Services

Policies

Beyond GTA Inc.
7030 Woodbine Ave., Markham, ON, L3R 6G2, Canada

Copyright 2021 Beyond GTA Inc.