Archives: Reports

CVE ID:

CVE-2022-4717

WordPress Plugin

strong-testimonials

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4836

WordPress Plugin

breadcrumb

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4835

WordPress Plugin

social-sharing-toolkit

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4834

WordPress Plugin

cpt-bootstrap-carousel

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4757

WordPress Plugin

list-pages-shortcode

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4758

WordPress Plugin

wd-google-maps

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4759

WordPress Plugin

gigpress

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4776

WordPress Plugin

cc-child-pages

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4760

WordPress Plugin

oneclick-whatsapp-order

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2023-0143

WordPress Plugin

send-pdf-for-contact-form-7

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4789

WordPress Plugin

wpzoom-portfolio

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4790

WordPress Plugin

wp-google-my-business-auto-publish

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4791

WordPress Plugin

woo-product-slider-and-carousel-with-category

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4792

WordPress Plugin

blog-designer-pack

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4793

WordPress Plugin

blog-designer-for-post-and-widget

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4747

WordPress Plugin

post-category-image-with-grid-and-slider

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4749

WordPress Plugin

post-list-designer

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4750

WordPress Plugin

wp-responsive-testimonials-slider-and-widget

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4751

WordPress Plugin

word-balloon

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4752

WordPress Plugin

wp-opening-hours

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4775

WordPress Plugin

geodirectory

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4753

WordPress Plugin

print-o-matic

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4754

WordPress Plugin

easy-facebook-like-box

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4718

WordPress Plugin

page-builder-add

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4756

WordPress Plugin

youtube-channel

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More