CM FAQ WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the CM FAQ WordPress plugin, specifically in versions through and including 1.2.5. The issue arises from the plugin's use of remove_query_arg without proper escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link that exploits the vulnerability.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject and execute scripts in the context of the user's browser.

Reproduction

To reproduce this vulnerability, an attacker can craft a URL that removes a specific query argument using remove_query_arg, without proper escaping. When the victim clicks the link, the injected script will execute in their browser.

Remediation

Users are advised to update the CM FAQ WordPress plugin to version 1.2.6 or later, where this vulnerability has been patched.