Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:3 p.m.11 views

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

4.8CVSS5.8AI score0.0047EPSS
Exploits2References1
Circl
Circl
added 2022/10/31 7:38 p.m.5 views

CVE-2022-3420

creationtimestamp| type| source ---|---|--- 2022-10-31 19:38:08+00:00| seen| https://t.me/cibsecurity/52298...

4.8CVSS4.9AI score0.0047EPSS
Exploits2References1
NVD
NVD
added 2022/10/31 4:15 p.m.13 views

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

4.8CVSS0.0047EPSS
Exploits2References1
OSV
OSV
added 2022/10/31 4:15 p.m.4 views

CVE-2022-3420

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

4.8CVSS5.8AI score0.0047EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.17 views

CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

5.1AI score0.0047EPSS
Exploits2References1
CVE
CVE
added 2022/10/31 12:0 a.m.59 views

CVE-2022-3420

The CVE-2022-3420 entry describes a Stored XSS vulnerability in the WordPress plugin “Official Integration for Billingo” prior to version 3.4.0. The root cause is failure to sanitize and escape certain plugin settings, which could allow a high-privilege user (as low as Shop Manager) to inject mal...

4.8CVSS4.8AI score0.0047EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.6 views

CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS

The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

5.8AI score0.0047EPSS
Exploits2References1
Rows per page
Query Builder