Common Vulnerabilities
In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.
CVE ID:
CVE-2022-4562
WordPress Plugin
meks-flexible-shortcodes <= 1.3.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4716
WordPress Plugin
wp-popups-lite <= 2.1.4.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4682
WordPress Plugin
lightbox-gallery <= 0.9.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4666
WordPress Plugin
wp-structuring-markup <= 4.8.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4580
WordPress Plugin
twenty20 <= 1.6.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4578
WordPress Plugin
video-conferencing-with-zoom-api <= 4.0.9
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4577
WordPress Plugin
easy-testimonials <= 3.9.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4576
WordPress Plugin
easy-bootstrap-shortcodes <= 4.5.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4571
WordPress Plugin
seriously-simple-podcasting <= 2.19.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4622
WordPress Plugin
baw-login-logout-menu <= 1.3.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4715
WordPress Plugin
structured-content <= 1.5.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4570
WordPress Plugin
top-10 <= 3.2.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4667
WordPress Plugin
feedzy-rss-feeds <= 4.1.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-16
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4542
WordPress Plugin
compact-wp-audio-player <= 1.9.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-15
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4544
WordPress Plugin
mashsharer <= 3.8.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-15
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4545
WordPress Plugin
sitemap <= 4.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-15
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4551
WordPress Plugin
rich-table-of-content <= 1.3.8
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-15
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4484
WordPress Plugin
super-socializer <= 7.13.43
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4485
WordPress Plugin
page-list <= 5.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4486
WordPress Plugin
meteor-slides <= 1.5.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4648
WordPress Plugin
testimonial-free <= 2.5.11
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4487
WordPress Plugin
easy-accordion-free <= 2.1.20
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4488
WordPress Plugin
widgets-on-pages <= 1.6.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4491
WordPress Plugin
wp-table-reloaded <= 1.9.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4509
WordPress Plugin
content-control <= 1.1.9
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-14
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.