CVE-2022-0619

Name of the Vulnerable Software and Affected Versions Database Peek WordPress plugin versions prior to 1.3

Description The issue arises from the lack of proper sanitization and escaping of the match parameter, which is then outputted back in an admin page. This leads to a Reflected Cross-Site Scripting issue, allowing potential attackers to inject malicious scripts.

Recommendations For Database Peek WordPress plugin versions prior to 1.3, update to version 1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin page where the match parameter is outputted to minimize the risk of exploitation.