• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-1267

February 23, 2023 by

The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting

CVE-2022-1268

February 23, 2023 by

The Donate Extra WordPress plugin through 2.02 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected cross-Site Scripting

CVE-2022-1269

February 23, 2023 by

The Fast Flow WordPress plugin before 1.2.12 does not sanitise and escape the page parameter before outputting back in an attribute in an admin dashboard, leading to a Reflected Cross-Site Scripting

CVE-2022-1275

February 23, 2023 by

The BannerMan WordPress plugin through 0.2.4 does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed (such as in multisite)

CVE-2022-1282

February 23, 2023 by

The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET[‘image_url’] variable, which is reflected back to the users when executing the editimage_bwg AJAX action.

CVE-2022-1288

February 23, 2023 by

A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. This issue affects access to /scas/admin/. The manipulation of the parameter page with the input %22%3E%3Cimg%20src=x%20onerror=alert(1)%3E leads to a reflected cross site scripting. The attack may be initiated remotely and does not require any form of authentication. The exploit has been disclosed to the public and may be used.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2124
  • Go to page 2125
  • Go to page 2126
  • Go to page 2127
  • Go to page 2128
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE