Common Vulnerabilities

In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.

CVE ID:

CVE-2022-4562

WordPress Plugin

meks-flexible-shortcodes <= 1.3.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4716

WordPress Plugin

wp-popups-lite <= 2.1.4.7

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4682

WordPress Plugin

lightbox-gallery <= 0.9.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4666

WordPress Plugin

wp-structuring-markup <= 4.8.1

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4580

WordPress Plugin

twenty20 <= 1.6.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4578

WordPress Plugin

video-conferencing-with-zoom-api <= 4.0.9

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4577

WordPress Plugin

easy-testimonials <= 3.9.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4576

WordPress Plugin

easy-bootstrap-shortcodes <= 4.5.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4571

WordPress Plugin

seriously-simple-podcasting <= 2.19.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4622

WordPress Plugin

baw-login-logout-menu <= 1.3.3

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4715

WordPress Plugin

structured-content <= 1.5.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4570

WordPress Plugin

top-10 <= 3.2.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4667

WordPress Plugin

feedzy-rss-feeds <= 4.1.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-16

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4542

WordPress Plugin

compact-wp-audio-player <= 1.9.7

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4544

WordPress Plugin

mashsharer <= 3.8.6

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4545

WordPress Plugin

sitemap <= 4.3

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4551

WordPress Plugin

rich-table-of-content <= 1.3.8

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-15

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4484

WordPress Plugin

super-socializer <= 7.13.43

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4485

WordPress Plugin

page-list <= 5.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4486

WordPress Plugin

meteor-slides <= 1.5.6

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4648

WordPress Plugin

testimonial-free <= 2.5.11

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4487

WordPress Plugin

easy-accordion-free <= 2.1.20

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4488

WordPress Plugin

widgets-on-pages <= 1.6.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4491

WordPress Plugin

wp-table-reloaded <= 1.9.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4509

WordPress Plugin

content-control <= 1.1.9

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-14

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More