CVE-2022-47444

Name of the Vulnerable Software and Affected Versions ProfilePress plugin versions <= 4.5.3

Description The issue is an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in the ProfilePress Membership Team Paid Membership Plugin. This affects components such as Ecommerce, Registration Form, Login Form, User Profile, and Restrict Content.

Recommendations For ProfilePress plugin versions <= 4.5.3, update to a version higher than 4.5.3 to resolve the issue. As a temporary workaround, consider restricting access to sensitive components like the Registration Form, Login Form, and User Profile to minimize the risk of exploitation.