Lucene search
WPScanCVELIST:CVE-2022-1418HistoryMay 16, 2022 - 2:30 p.m.
CVE-2022-1418 Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF
2022-05-1614:30:59
CWE-352
CWE-79
WPScan
www.cve.org
2
cve-2022-1418
wordpress
stored cross-site scripting
csrf
security vulnerability
EPSS
0.001
Percentile
32.1%
The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues.
CNA Affected
[
{
"product": "Social Stickers",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.2.9",
"status": "affected",
"version": "2.2.9",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2022-05-16 15:15:00
cnvd
cnvd
WordPress Social Stickerss plugin跨站脚本漏洞
2022-05-18 00:00:00
wpvulndb
wpvulndb
Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF
2022-04-20 00:00:00
wpexploit
wpexploit
Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF
2022-04-20 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-1418
2022-05-16 15:15:09
cve
cve
CVE-2022-1418
2022-05-16 15:15:09