CVE-2022-0429

Name of the Vulnerable Software and Affected Versions WP Cerber Security, Anti-spam & Malware Scan WordPress plugin versions prior to 8.9.6

Description The issue is related to an unauthenticated stored Cross-Site Scripting problem. It occurs because the $url variable is not properly sanitized before being used in an attribute in the Activity tab of the plugin's dashboard.

Recommendations For WP Cerber Security, Anti-spam & Malware Scan WordPress plugin versions prior to 8.9.6, update to version 8.9.6 or later to resolve the issue.