Lucene search
K

5 matches found

NVD
NVD
added 2022/10/31 4:15 p.m.19 views

CVE-2022-2190

The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS0.00593EPSS
Exploits3References1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.25 views

CVE-2022-2190 Envira Gallery Lite < 1.8.4.7 - Reflected Cross-Site Scripting

The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.3AI score0.00593EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.10 views

CVE-2022-2190 Envira Gallery Lite < 1.8.4.7 - Reflected Cross-Site Scripting

The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1AI score0.00593EPSS
Exploits3References1
CVE
CVE
added 2022/10/31 12:0 a.m.70 views

CVE-2022-2190

CVE-2022-2190 affects the WordPress Gallery Plugin (Envira Gallery Lite) versions prior to 1.8.4.7. The underlying issue is that the plugin does not escape the $_SERVER['REQUEST_URI'] value before outputting it into an HTML attribute, enabling Reflected Cross-Site Scripting in older browsers. Acc...

6.1CVSS6.1AI score0.00593EPSS
Exploits3References1Affected Software1
Circl
Circl
added 2022/04/05 7:21 a.m.5 views

CVE-2022-2190

creationtimestamp| type| source ---|---|--- 2022-04-05 07:21:47+00:00| published-proof-of-concept| https://t.me/reconshell/1236 2022-04-09 07:39:13+00:00| published-proof-of-concept| Telegram/-6ODXgzzWCxBZpYl68OshWRdD8e5O8jb0SVarNqOSvRoOA0 2022-10-31 19:37:58+00:00| seen|...

6.1CVSS6AI score0.00593EPSS
Exploits3References3
Rows per page
Query Builder