References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

CVE-2022-1324 Detail Current Description The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting…

CVE-2022-1561 Detail Awaiting Analysis This vulnerability is currently awaiting analysis. Description Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly,…

CVE-2022-1585 Detail Current Description The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site…

CVE-2022-1600 Detail Current Description The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor’s IP from certain HTTP headers over PHP’s REMOTE_ADDR, which makes it possible to bypass IP-based…

CVE-2022-1906 Detail Current Description The Copyright Proof WordPress plugin through 4.16 does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated…

CVE-2022-1950 Detail Current Description The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to…

References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

CVE-2022-2171 Detail Undergoing Analysis This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary. Description The Progressive License…

CVE-2022-21788 Detail Current Description In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed.…