Common Vulnerabilities
In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.
CVE ID:
CVE-2022-4673
WordPress Plugin
rate-my-post <= 3.3.8
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4706
WordPress Plugin
genesis-columns-advanced <= 2.0.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2023-0033
WordPress Plugin
pdf-viewer <= 0.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4674
WordPress Plugin
ibtana-visual-editor <= 1.1.8.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4781
WordPress Plugin
accordion-shortcodes <= 2.4.2
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4675
WordPress Plugin
facebook-page-feed-graph-api <= 1.8.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4677
WordPress Plugin
leaflet-maps-marker <= 3.12.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4783
WordPress Plugin
youtube-channel-gallery <= 2.4
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4676
WordPress Plugin
osm <= 6.01
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4782
WordPress Plugin
clickfunnels <= 3.1.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-20
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4670
WordPress Plugin
pdfjs-viewer-shortcode <= 2.1.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4671
WordPress Plugin
pixcodes <= 2.3.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4624
WordPress Plugin
gs-logo-slider <= 3.3.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4625
WordPress Plugin
login-logout-menu <= 1.3.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4626
WordPress Plugin
password-protect-page <= 1.8.5
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4627
WordPress Plugin
shiftnav-responsive-mobile-menu <= 1.7.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4628
WordPress Plugin
wp-ecommerce-paypal <= 1.7.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4629
WordPress Plugin
woo-product-slider <= 2.6.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4672
WordPress Plugin
wordpress-simple-paypal-shopping-cart <= 4.6.1
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4699
WordPress Plugin
media-element-html5-video-and-audio-player <= 4.2.8
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4623
WordPress Plugin
nd-shortcodes <= 6.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-19
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4714
WordPress Plugin
wp-dark-mode <= 3.0.6
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-17
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4664
WordPress Plugin
logo-slider-wp <= 3.5.3
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-17
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4668
WordPress Plugin
easy-appointments <= 3.10.7
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-17
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2022-4669
WordPress Plugin
live-composer-page-builder <= 1.5.22
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2022-12-17
The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.