CVE-2026-22520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through = 3.9...

CVE-2025-22520

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2025-22520

creationtimestamp| type| source ---|---|--- 2025-01-07 16:17:53+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62f5s7n62f...

CVE-2025-22520 WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2025-22520

CVE-2025-22520 – Tock Widget CSRF (Cross-Site Request Forgery) Connected sources confirm a CSRF vulnerability affecting the Tock Widget (Tock Widget,

CVE-2025-22520 WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2024-22520

creationtimestamp| type| source ---|---|--- 2024-02-06 23:31:36+00:00| seen| https://t.me/ctinow/180405 2024-02-14 23:16:31+00:00| seen| https://t.me/ctinow/185103 2024-03-01 15:46:09+00:00| seen| https://t.me/ctinow/197738...

CVE-2024-22520

An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones via transmission of crafted data packets...

CVE-2024-22520

CVE-2024-22520 affects Dronetag Drone Scanner 1.5.2. The issue allows an attacker to impersonate other drones by transmitting crafted data packets, per Red Hat, NVD, CNNVD and related sources. The CVSS v3.1 metrics indicate a NETWORK attack vector, LOW attack complexity, no privileges required, a...

CVE-2022-22520

creationtimestamp| type| source ---|---|--- 2022-09-14 18:26:28+00:00| seen| https://t.me/cibsecurity/49777...

CVE-2022-22520

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2...

CVE-2022-22520 User enumeration vulnerability in MB connect line and Helmholz products

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2...

CVE-2022-22520

CVE-2022-22520 describes a remote, unauthenticated user enumeration vulnerability in MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24, and myREX24.virtual up to v2.11.2. The underlying issue is that the webservice allows attackers to enumerate valid users by sending specific...

CVE-2023-22520

...

CVE-2023-22520

CVE-2023-22520 entry is rejected and not used; it does not represent an active vulnerability.