• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-1575

February 23, 2023 by

Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. – Arbitrary (remote) code execution in the desktop app. – Stored XSS in the web app.

CVE-2022-1582

February 23, 2023 by

The External Links in New Window / New Tab WordPress plugin before 1.43 does not properly escape URLs it concatenates to onclick event handlers, which makes Stored Cross-Site Scripting attacks possible.

CVE-2022-1584

February 23, 2023 by

Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim

CVE-2022-1590

February 23, 2023 by

A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input alert(1) leads to cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit has been disclosed to the public and may be used.

CVE-2022-1593

February 23, 2023 by

The Site Offline or Coming Soon WordPress plugin through 1.6.6 does not have CSRF check in place when updating its settings, and it also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads in them via a CSRF attack

CVE-2022-1597

February 23, 2023 by

The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer , does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2112
  • Go to page 2113
  • Go to page 2114
  • Go to page 2115
  • Go to page 2116
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE