CVE-2022-28290
published 2022-04-25


Priority: P179, medium, 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 1.41% (69.3th percentile)

Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the user tries to access the country selector page with the specified payload as a part of the HTTP request.

Affected (1 range)

Vendor | Product | Version range | Fixed in
welaunch | wordpress_country_selector | |

Detection & IOCs (extracted from sources)

sigma
nuclei template matching cookie 'country_selector_' in WordPress Country Selector plugin
  • Reflected XSS triggers when a user accesses the country selector page with a malicious payload in the HTTP request; monitor GET/POST requests to the country selector page for script injection patterns in parameters.
  • Detect presence of the WordPress Country Selector plugin (version 1.6.5) by identifying the 'country_selector_' cookie in HTTP traffic; a 200 OK response with text/html content-type alongside this cookie indicates a potentially vulnerable instance.
  • The vulnerability is specific to WordPress Country Selector Plugin Version 1.6.5; other versions may not be affected.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck | | 6.1 | MEDIUM |