Archives: Reports

CVE ID:

CVE-2022-4673

WordPress Plugin

rate-my-post

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4706

WordPress Plugin

genesis-columns-advanced

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2023-0033

WordPress Plugin

pdf-viewer

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4674

WordPress Plugin

ibtana-visual-editor

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4781

WordPress Plugin

accordion-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4675

WordPress Plugin

facebook-page-feed-graph-api

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4677

WordPress Plugin

leaflet-maps-marker

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4783

WordPress Plugin

youtube-channel-gallery

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-20

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4623

WordPress Plugin

nd-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4670

WordPress Plugin

pdfjs-viewer-shortcode

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4671

WordPress Plugin

pixcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4624

WordPress Plugin

gs-logo-slider

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4625

WordPress Plugin

login-logout-menu

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4626

WordPress Plugin

password-protect-page

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4627

WordPress Plugin

shiftnav-responsive-mobile-menu

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4628

WordPress Plugin

wp-ecommerce-paypal

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4629

WordPress Plugin

woo-product-slider

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4672

WordPress Plugin

wordpress-simple-paypal-shopping-cart

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4699

WordPress Plugin

media-element-html5-video-and-audio-player

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-19

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4714

WordPress Plugin

wp-dark-mode

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-17

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4664

WordPress Plugin

logo-slider-wp

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-17

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4668

WordPress Plugin

easy-appointments

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-17

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4669

WordPress Plugin

live-composer-page-builder

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-17

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4570

WordPress Plugin

top-10

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4667

WordPress Plugin

feedzy-rss-feeds

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More