Common Vulnerabilities

In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.

CVE ID:

CVE-2022-4761

WordPress Plugin

baw-post-views-count <= 3.0.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4777

WordPress Plugin

bootstrap-shortcodes <= 3.4.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4762

WordPress Plugin

materialis-companion <= 1.3.23

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4763

WordPress Plugin

icon-widget <= 1.2.6

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4765

WordPress Plugin

portfolio-elementor <= 2.3

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4764

WordPress Plugin

simple-file-downloader <= 1.0.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4837

WordPress Plugin

cpo-companion <= 1.0.4

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4717

WordPress Plugin

strong-testimonials <= 3.0.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4836

WordPress Plugin

breadcrumb <= 1.5.32

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4835

WordPress Plugin

social-sharing-toolkit <= 2.6

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4834

WordPress Plugin

cpt-bootstrap-carousel <= 1.12

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-23

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0143

WordPress Plugin

send-pdf-for-contact-form-7 <= 0.9.9.1

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4789

WordPress Plugin

wpzoom-portfolio <= 1.2.1

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4790

WordPress Plugin

wp-google-my-business-auto-publish <= 3.3

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4791

WordPress Plugin

woo-product-slider-and-carousel-with-category <= 2.7.1

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4792

WordPress Plugin

blog-designer-pack <= 3.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4793

WordPress Plugin

blog-designer-for-post-and-widget <= 2.3

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4747

WordPress Plugin

post-category-image-with-grid-and-slider <= 1.4.7

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4749

WordPress Plugin

post-list-designer <= 3.1

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4750

WordPress Plugin

wp-responsive-testimonials-slider-and-widget <= 1.5

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4751

WordPress Plugin

word-balloon <= 4.19.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4752

WordPress Plugin

wp-opening-hours <= 2.3.0

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4775

WordPress Plugin

geodirectory <= 2.2.21

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4753

WordPress Plugin

print-o-matic <= 2.1.7

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2022-4754

WordPress Plugin

easy-facebook-like-box <= 4.1.2

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2022-12-22

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More