Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:15 a.m.8 views

CVE-2022-4675

The Mongoose Page Plugin WordPress plugin before 1.9.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References1
Circl
Circl
added 2023/01/23 6:25 p.m.5 views

CVE-2022-4675

creationtimestamp| type| source ---|---|--- 2023-01-23 18:25:22+00:00| seen| https://t.me/cibsecurity/56850...

5.4CVSS5.5AI score0.00471EPSS
Exploits2References1
NVD
NVD
added 2023/01/23 3:15 p.m.26 views

CVE-2022-4675

The Mongoose Page Plugin WordPress plugin before 1.9.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/01/23 2:31 p.m.58 views

CVE-2022-4675

The CVE-2022-4675 entry concerns the WordPress plugin The Mongoose Page Plugin, prior to version 1.9.0. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient validation and escaping of a shortcode attribute, enabling users with as little as Contributor role to injec...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/01/23 2:31 p.m.28 views

CVE-2022-4675 Mongoose Page Plugin < 1.9.0 - Contributor+ Stored XSS via Shortcode

The Mongoose Page Plugin WordPress plugin before 1.9.0 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.5AI score0.00471EPSS
Exploits2References1
Rows per page
Query Builder