Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2022-4717
|
N/A |
The Strong Testimonials WordPress plugin before 3.0.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
|
06 Feb 2023
|
|
|
CVE-2023-0174
|
N/A |
The WP VR WordPress plugin before 8.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
|
06 Feb 2023
|
|
|
CVE-2022-4756
|
N/A |
The My YouTube Channel WordPress plugin before 3.23.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
|
06 Feb 2023
|
|
|
CVE-2023-0070
|
N/A |
The ResponsiveVoice Text To Speech WordPress plugin before 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
|
06 Feb 2023
|
|
|
CVE-2022-4664
|
N/A |
The Logo Slider WordPress plugin before 3.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
|
06 Feb 2023
|
|
|
CVE-2023-0154
|
N/A |
The GamiPress WordPress plugin before 1.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
|
06 Feb 2023
|
|
|
CVE-2022-4824
|
N/A |
The WP Blog and Widgets WordPress plugin before 2.3.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
|
06 Feb 2023
|
|
|
CVE-2022-4577
|
N/A |
The Easy Testimonials WordPress plugin before 3.9.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
|
06 Feb 2023
|
|
|
CVE-2023-0178
|
N/A |
The Annual Archive WordPress plugin before 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
|
06 Feb 2023
|
|
|
CVE-2022-47452
|
N/A |
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47451
|
N/A |
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47371
|
N/A |
In bt driver, there is a thread competition leads to early release of resources to be accessed. This could lead to local denial of service in kernel.
|
06 Feb 2023
|
|
|
CVE-2022-47370
|
N/A |
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47369
|
N/A |
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47368
|
N/A |
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47367
|
N/A |
In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
|
06 Feb 2023
|
|
|
CVE-2022-47366
|
N/A |
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47365
|
N/A |
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47364
|
N/A |
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-47363
|
N/A |
In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-44447
|
N/A |
In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services.
|
06 Feb 2023
|
|
|
CVE-2022-44421
|
N/A |
In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure.
|
06 Feb 2023
|
|
|
CVE-2022-47333
|
N/A |
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
|
06 Feb 2023
|
|
|
CVE-2022-47332
|
N/A |
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
|
06 Feb 2023
|
|
|
CVE-2022-47450
|
N/A |
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
|
06 Feb 2023
|
CVE-2022-4717
N/A
06 Feb 2023
The Strong Testimonials WordPress plugin before 3.0.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
CVE-2023-0174
N/A
06 Feb 2023
The WP VR WordPress plugin before 8.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2022-4756
N/A
06 Feb 2023
The My YouTube Channel WordPress plugin before 3.23.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
CVE-2023-0070
N/A
06 Feb 2023
The ResponsiveVoice Text To Speech WordPress plugin before 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2022-4664
N/A
06 Feb 2023
The Logo Slider WordPress plugin before 3.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CVE-2023-0154
N/A
06 Feb 2023
The GamiPress WordPress plugin before 1.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2022-4824
N/A
06 Feb 2023
The WP Blog and Widgets WordPress plugin before 2.3.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
CVE-2022-4577
N/A
06 Feb 2023
The Easy Testimonials WordPress plugin before 3.9.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
CVE-2023-0178
N/A
06 Feb 2023
The Annual Archive WordPress plugin before 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2022-47452
N/A
06 Feb 2023
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47451
N/A
06 Feb 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47371
N/A
06 Feb 2023
In bt driver, there is a thread competition leads to early release of resources to be accessed. This could lead to local denial of service in kernel.
CVE-2022-47370
N/A
06 Feb 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47369
N/A
06 Feb 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47368
N/A
06 Feb 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47367
N/A
06 Feb 2023
In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-47366
N/A
06 Feb 2023
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47365
N/A
06 Feb 2023
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47364
N/A
06 Feb 2023
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47363
N/A
06 Feb 2023
In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44447
N/A
06 Feb 2023
In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44421
N/A
06 Feb 2023
In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure.
CVE-2022-47333
N/A
06 Feb 2023
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVE-2022-47332
N/A
06 Feb 2023
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVE-2022-47450
N/A
06 Feb 2023
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
Page 699 of 759
Page 699 of 759