Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-24732

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00377EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 p.m.3 views

CVE-2022-1418

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

6.1CVSS5.7AI score0.00377EPSS
Exploits2References1
NVD
NVD
added 2022/05/16 3:15 p.m.16 views

CVE-2022-1418

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

6.1CVSS0.00377EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/05/16 3:15 p.m.6 views

CVE-2022-1418

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

6.1CVSS6.4AI score0.00377EPSS
Exploits2References2
OSV
OSV
added 2022/05/16 3:15 p.m.3 views

CVE-2022-1418

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

6.1CVSS5.8AI score0.00377EPSS
Exploits2References1
Prion
Prion
added 2022/05/16 3:15 p.m.11 views

Cross site scripting

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

4.3CVSS6AI score0.00377EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/05/16 2:30 p.m.135 views

CVE-2022-1418

CVE-2022-1418 affects the WordPress Social Stickers plugin up to version 2.2.9. The issue is a lack of CSRF protection when updating its Social Network settings and insufficient escaping of certain fields, enabling a logged-in admin to modify settings in a way that could trigger Stored Cross-Site...

6.1CVSS5.9AI score0.00377EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.4 views

WordPress plugin Social Stickers 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Social Stickerss plugin 2.2.9 and earlier versions are vulnerable to a cross-site scripting...

6.1CVSS6.3AI score0.00377EPSS
Exploits2References2
wpexploit
wpexploit
added 2022/04/20 12:0 a.m.157 views

Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. history.pushState'', '', '/' input type="hidden"...

6.1CVSS6AI score0.00377EPSS
Exploits2
Patchstack
Patchstack
added 2022/04/20 12:0 a.m.102 views

WordPress Social Stickers plugin <= 2.2.9 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress Social Stickers plugin versions = 2.2.9. Solution Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not...

6.1CVSS2.6AI score0.00377EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/20 12:0 a.m.18 views

Social Stickers <= 2.2.9 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues. PoC...

6.1CVSS4AI score0.00377EPSS
Exploits2Affected Software1
Rows per page
Query Builder