Skip to main content

Microsoft Advertising Universal Event Tracking

1 CVEs product

Monthly

CVE-2022-2170 MEDIUM POC This Month

The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft XSS WordPress Microsoft Advertising Universal Event Tracking
NVD WPScan
CVSS 3.1
4.8
EPSS
1.1%
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft XSS WordPress +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy