CVE-2022-36796 Information

Description

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress.

Reference

https://wordpress.org/plugins/callrail-phone-call-tracking/ https://patchstack.com/database/vulnerability/callrail-phone-call-tracking/wordpress-callrail-phone-call-tracking-plugin-0-4-9-cross-site-request-forgery-csrf-vulnerability-leading-to-stored-cross-site-scripting-xss