• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-4837

February 23, 2023 by godfreyd94

The CPO Companion WordPress plugin before 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

CVE-2022-4838

February 23, 2023 by godfreyd94

The Clean Login WordPress plugin before 1.13.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

CVE-2022-4839

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4840

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4841

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.1.

CVE-2022-4859

February 23, 2023 by godfreyd94

A vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument firstName/lastName leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 7.0.34 is able to address this issue. The name of the patch is 9a77f508a2bf8cf661d588f37a4cc29ecaea4fc8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217055.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1693
  • Go to page 1694
  • Go to page 1695
  • Go to page 1696
  • Go to page 1697
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE