• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-0873

February 23, 2023 by

The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album’s name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed

CVE-2022-0874

February 23, 2023 by

The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2022-0876

February 23, 2023 by

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed

CVE-2022-0877

February 23, 2023 by

Cross-site Scripting (XSS) – Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.

CVE-2022-0879

February 23, 2023 by

The Caldera Forms WordPress plugin before 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting

CVE-2022-0880

February 23, 2023 by

Cross-site Scripting (XSS) – Stored in GitHub repository star7th/showdoc prior to 2.10.2.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2146
  • Go to page 2147
  • Go to page 2148
  • Go to page 2149
  • Go to page 2150
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE