
Exploit for Header Footer Code Manager < 1.1.24 - Cross-Site Scripting (CVE-2022-0899)

Description:

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them in HTML attributes on an admin page, leading to reflected cross-site scripting (XSS). Version 1.1.24 fixes the issue; sites running an earlier version should update.
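As an added illustration, not the plugin's own code and not the actual code path of CVE-2022-0899, the generic WordPress pattern behind this class of finding and its standard fix, in PHP. The function names prefixed hfcm_demo_, the paged parameter and the request URI are assumptions made for the demo; add_query_arg() and esc_url() are the real WordPress functions, with simplified stand-ins included so the file also runs under the plain PHP CLI.

```php
<?php
// Added illustrative example, not the Header Footer Code Manager plugin's own
// code: the generic WordPress pattern behind "unescaped generated URL in an
// attribute" reflected-XSS findings, and the standard fix. Names prefixed
// hfcm_demo_ and the request URI below are hypothetical.

// Stand-ins so the file also runs under the plain PHP CLI; inside WordPress the
// real functions are used. Both are simplified: real add_query_arg() parses and
// rebuilds the URI, and real esc_url() strips characters outside its allowed
// set (quotes, < and > included) and rejects disallowed protocols, whereas this
// stand-in encodes them. The security-relevant properties are preserved: with
// no base URL, add_query_arg() derives its result from $_SERVER['REQUEST_URI'],
// which the requester controls, and it does not HTML-encode anything.
if ( ! function_exists( 'add_query_arg' ) ) {
    function add_query_arg( $key, $value = '', $url = '' ) {
        if ( '' === $url ) {
            $url = isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/';
        }
        $sep = ( false === strpos( $url, '?' ) ) ? '?' : '&';
        return $url . $sep . $key . '=' . $value;
    }
}
if ( ! function_exists( 'esc_url' ) ) {
    function esc_url( $url ) {
        return htmlspecialchars( $url, ENT_QUOTES, 'UTF-8' );
    }
}

// Vulnerable pattern: the generated URL goes into href unescaped, so a query
// string containing  "><script>...  closes the attribute and injects markup
// that runs in the admin's browser.
function hfcm_demo_next_link_vulnerable( $page ) {
    $url = add_query_arg( 'paged', (int) $page );
    return '<a class="next-page" href="' . $url . '">Next</a>';
}

// Hardened pattern: esc_url() is the WordPress escaping function for URLs in
// attributes (use esc_attr() for non-URL attribute values). Escape at output,
// at the point where the value enters the HTML, not earlier.
function hfcm_demo_next_link_hardened( $page ) {
    $url = add_query_arg( 'paged', (int) $page );
    return '<a class="next-page" href="' . esc_url( $url ) . '">Next</a>';
}

// Constructed request URI: what an admin's browser sends after following a
// crafted link. Nothing in it is specific to the real plugin.
$_SERVER['REQUEST_URI'] = '/wp-admin/admin.php?page=hfcm-demo&q="><script>alert(document.domain)</script>';

echo hfcm_demo_next_link_vulnerable( 2 ), PHP_EOL;
echo hfcm_demo_next_link_hardened( 2 ), PHP_EOL;
```

Run it with the PHP CLI and compare the two lines: in the first, the quote and angle brackets from the query string close the href attribute and the anchor tag, leaving a live script element; in the second they are neutralised. Because the output lands on an admin page, exploitation needs a logged-in user with access to that page to open the crafted URL, so the realistic chain is a link delivered to an administrator; updating to 1.1.24 or later removes the issue.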

Nuclei Template

Template: CVE-2022-0899.yaml (nuclei-templates path: http/cves/2022/CVE-2022-0899.yaml)

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-0899.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-0899
https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1