Lucene search
WPScanCVELIST:CVE-2022-0148HistoryFeb 07, 2022 - 3:47 p.m.
CVE-2022-0148 All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS)
2022-02-0715:47:25
CWE-79
WPScan
www.cve.org
2
xss; wordpress plugin; all-in-one floating contact form
EPSS
0.001
Percentile
50.4%
The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin before 2.0.4 was vulnerable to reflected XSS on the my-sticky-elements-leads admin page.
CNA Affected
[
{
"product": "All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs – My Sticky Elements",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.4",
"status": "affected",
"version": "2.0.4",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
wpexploit
wpexploit
wpvulndb
wpvulndb
cve
cve
CVE-2022-0148
2022-02-07 16:16:38
nvd
nvd
CVE-2022-0148
2022-02-07 16:16:38
patchstack
patchstack
nuclei
nuclei
WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting
2022-03-27 14:25:03
prion
prion
Cross site scripting
2022-02-07 16:16:00