Lucene search
K

5 matches found

Circl
Circl
added 2022/09/05 4:12 p.m.2 views

CVE-2022-2775

creationtimestamp| type| source ---|---|--- 2022-09-05 16:12:19+00:00| seen| https://t.me/cibsecurity/49292 2025-09-09 20:51:37+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

5.5CVSS5.5AI score0.00597EPSS
Exploits2References1
OSV
OSV
added 2022/09/05 1:15 p.m.2 views

CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS5.8AI score0.00597EPSS
Exploits2References1
NVD
NVD
added 2022/09/05 1:15 p.m.40 views

CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS0.00597EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/09/05 12:35 p.m.42 views

CVE-2022-2775 Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.3AI score0.00597EPSS
Exploits2References1
CVE
CVE
added 2022/09/05 12:35 p.m.68 views

CVE-2022-2775

The CVE-2022-2775 entry concerns the Fast Flow WordPress plugin, affected versions prior to 1.2.13. The root cause is inadequate sanitization/escaping of widget settings, enabling Stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, inc...

5.5CVSS5AI score0.00597EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder