Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.6 views

CVE-2022-3469

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

4.8CVSS5.9AI score0.00532EPSS
Exploits2References1
Circl
Circl
added 2025/05/05 4:19 p.m.5 views

CVE-2022-3469

creationtimestamp| type| source ---|---|--- 2025-05-05 16:19:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14904...

4.8CVSS4.9AI score0.00532EPSS
Exploits2References1
CVE
CVE
added 2022/11/14 12:0 a.m.65 views

CVE-2022-3469

CVE-2022-3469 affects the WP Attachments WordPress plugin prior to 5.0.5. The issue is that certain settings are not properly sanitized/escaped, enabling stored cross-site scripting (XSS) by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (such as in multisite setups)...

4.8CVSS4.8AI score0.00532EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/14 12:0 a.m.6 views

CVE-2022-3469 WP Attachments < 5.0.5 - Admin+ Stored Cross-Site Scripting

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

5.9AI score0.00532EPSS
Exploits2References1
Rows per page
Query Builder