Total
44253 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0625 | 1 Admin Menu Editor Project | 1 Admin Menu Editor | 2024-11-21 | 6.1 Medium |
| The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0621 | 1 Dtabs Project | 1 Dtabs | 2024-11-21 | 6.1 Medium |
| The dTabs WordPress plugin through 1.4 does not sanitize and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0620 | 1 Deleteoldorders Project | 1 Delete Old Orders | 2024-11-21 | 6.1 Medium |
| The Delete Old Orders WordPress plugin through 0.2 does not sanitize and escape the date parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0619 | 1 Database Peek Project | 1 Database Peek | 2024-11-21 | 6.1 Medium |
| The Database Peek WordPress plugin through 1.2 does not sanitize and escape the match parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0612 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||
| CVE-2022-0602 | 1 Tastyigniter | 1 Tastyigniter | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository tastyigniter/tastyigniter prior to 3.3.0. | ||||
| CVE-2022-0601 | 1 Edmonsoft | 1 Countdown\, Coming Soon\, Maintenance - Countdown \& Clock | 2024-11-21 | 6.1 Medium |
| The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0600 | 1 Myceliumdesign | 1 Conference Scheduler | 2024-11-21 | 6.1 Medium |
| The Conference Scheduler WordPress plugin before 2.4.3 does not sanitize and escape the tab parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0599 | 1 Mapping Multiple Urls Redirect Same Page Project | 1 Mapping Multiple Urls Redirect Same Page | 2024-11-21 | 6.1 Medium |
| The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||
| CVE-2022-0598 | 1 Idehweb | 1 Login With Phone Number | 2024-11-21 | 4.8 Medium |
| The Login with phone number WordPress plugin before 1.3.8 does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | ||||
| CVE-2022-0595 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2024-11-21 | 5.4 Medium |
| The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue | ||||
| CVE-2022-0590 | 1 Ait-pro | 1 Bulletproof Security | 2024-11-21 | 4.8 Medium |
| The BulletProof Security WordPress plugin before 5.8 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | ||||
| CVE-2022-0589 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0. | ||||
| CVE-2022-0576 | 1 Librenms | 1 Librenms | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0. | ||||
| CVE-2022-0575 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0. | ||||
| CVE-2022-0571 | 2 Fedoraproject, Phoronix-media | 3 Extra Packages For Enterprise Linux, Fedora, Phoronix Test Suite | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | ||||
| CVE-2022-0558 | 1 Microweber | 1 Microweber | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0542 | 1 Chatwoot | 1 Chatwoot | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. | ||||
| CVE-2022-0539 | 1 Beanstalk Console Project | 1 Beanstalk Console | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist ptrofimov/beanstalk_console prior to 1.7.14. | ||||
| CVE-2022-0535 | 1 E2pdf | 1 E2pdf | 2024-11-21 | 4.8 Medium |
| The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | ||||