CVE-2022-4310 Information

Description

The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs

Reference

https://wpscan.com/vulnerability/b1aef75d-0c84-4702-83fc-11f0e98a0821