CVE-2022-4325

Name of the Vulnerable Software and Affected Versions Post Status Notifier Lite WordPress plugin versions prior to 1.10.1

Description The issue is related to a Reflected Cross-Site Scripting that can be used against high privilege users such as admin, due to the plugin not sanitising and escaping a parameter before outputting it back in the page.

Recommendations For versions prior to 1.10.1, update to version 1.10.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.