NVD – CVE-2022-2628
CVE-2022-2628 Detail Current Description The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users…
Security Information and News
CVE-2022-2628 Detail Current Description The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2022-2763 Detail Current Description The WP Socializer WordPress plugin before 7.3 does not sanitise and escape some of its Icons settings, which could allow high privilege users such as admin…
References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…
CVE-2022-2839 Detail Current Description The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to…
Current Description Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a…
CVE-2022-2922 Detail Current Description Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. View Analysis Description Analysis Description Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. Severity…
CVE-2022-3124 Detail Current Description The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation…
CVE-2022-3125 Detail Current Description The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP,…
CVE-2022-3128 Detail Current Description The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to…
CVE-2022-3132 Detail Current Description The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks…