CVE-2022-3578

Name of the Vulnerable Software and Affected Versions ProfileGrid WordPress plugin versions prior to 5.1.1

Description The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could allow a remote attacker to conduct cross-site scripting attacks by exploiting the vulnerability in the structure of web pages.

Recommendations For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality until the update is applied. Avoid using the vulnerable parameter in the affected page until the issue is resolved.