Common Vulnerabilities
In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.
CVE ID:
CVE-2022-4761
WordPress Plugin
baw-post-views-count <= 3.0.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4777
WordPress Plugin
bootstrap-shortcodes <= 3.4.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4762
WordPress Plugin
materialis-companion <= 1.3.23
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4763
WordPress Plugin
icon-widget <= 1.2.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4765
WordPress Plugin
portfolio-elementor <= 2.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4764
WordPress Plugin
simple-file-downloader <= 1.0.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4837
WordPress Plugin
cpo-companion <= 1.0.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4717
WordPress Plugin
strong-testimonials <= 3.0.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4836
WordPress Plugin
breadcrumb <= 1.5.32
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4835
WordPress Plugin
social-sharing-toolkit <= 2.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4834
WordPress Plugin
cpt-bootstrap-carousel <= 1.12
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-23
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2023-0143
WordPress Plugin
send-pdf-for-contact-form-7 <= 0.9.9.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4789
WordPress Plugin
wpzoom-portfolio <= 1.2.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4790
WordPress Plugin
wp-google-my-business-auto-publish <= 3.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4791
WordPress Plugin
woo-product-slider-and-carousel-with-category <= 2.7.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4792
WordPress Plugin
blog-designer-pack <= 3.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4793
WordPress Plugin
blog-designer-for-post-and-widget <= 2.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4747
WordPress Plugin
post-category-image-with-grid-and-slider <= 1.4.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4749
WordPress Plugin
post-list-designer <= 3.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4750
WordPress Plugin
wp-responsive-testimonials-slider-and-widget <= 1.5
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4751
WordPress Plugin
word-balloon <= 4.19.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4752
WordPress Plugin
wp-opening-hours <= 2.3.0
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4775
WordPress Plugin
geodirectory <= 2.2.21
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4753
WordPress Plugin
print-o-matic <= 2.1.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4754
WordPress Plugin
easy-facebook-like-box <= 4.1.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-22
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.