Archives: Reports

CVE ID:

CVE-2022-4562

WordPress Plugin

meks-flexible-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4577

WordPress Plugin

easy-testimonials

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4576

WordPress Plugin

easy-bootstrap-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4571

WordPress Plugin

seriously-simple-podcasting

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4622

WordPress Plugin

baw-login-logout-menu

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4715

WordPress Plugin

structured-content

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4716

WordPress Plugin

wp-popups-lite

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4682

WordPress Plugin

lightbox-gallery

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4666

WordPress Plugin

wp-structuring-markup

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4580

WordPress Plugin

twenty20

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4578

WordPress Plugin

video-conferencing-with-zoom-api

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4542

WordPress Plugin

compact-wp-audio-player

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4544

WordPress Plugin

mashsharer

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4545

WordPress Plugin

sitemap

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4551

WordPress Plugin

rich-table-of-content

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4491

WordPress Plugin

wp-table-reloaded

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4509

WordPress Plugin

content-control

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4484

WordPress Plugin

super-socializer

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4485

WordPress Plugin

page-list

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4486

WordPress Plugin

meteor-slides

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4648

WordPress Plugin

testimonial-free

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4487

WordPress Plugin

easy-accordion-free

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4488

WordPress Plugin

widgets-on-pages

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4474

WordPress Plugin

easy-facebook-likebox

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-13

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More

CVE ID:

CVE-2022-4475

WordPress Plugin

jquery-collapse-o-matic

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-13

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

Read More