cvedb.io
CVE-2022-0150
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-02-28T09:15:08.843 · Last modified 2026-06-17T04:20:03.343

Summary

The WP Accessibility Helper (WAH) WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue

Affected products

wp_accessibility_helper_project — wp_accessibility_helper

Does this affect you?

Add your gear to cvedb and we'll alert you only when wp_accessibility_helper_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.