Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.11 views

CVE-2022-2546

The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wmexport AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response...

4.7CVSS6.7AI score0.01204EPSS
Exploits3References1
GithubExploit
GithubExploit
added 2024/09/19 2:5 p.m.93 views

Exploit for CVE-2022-2546

All-in-One WP Migration " Affect...

4.7CVSS5.8AI score0.01204EPSS
Exploits3
Vulnrichment
Vulnrichment
added 2023/02/02 8:28 a.m.10 views

CVE-2022-2546 All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS

The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wmexport AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response...

4.8AI score0.01204EPSS
Exploits3References1
CVE
CVE
added 2023/02/02 8:28 a.m.125 views

CVE-2022-2546

The CVE-2022-2546 issue affects WordPress All-in-One WP Migration plugin &lt; 7.63. The vulnerability arises from using the wrong content type and not properly escaping the ai1wm_export response, enabling an attacker to craft a request that, when submitted by a visitor, injects arbitrary HTML/Jav...

4.7CVSS4.7AI score0.01204EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2023/02/02 8:28 a.m.39 views

CVE-2022-2546 All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS

The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wmexport AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response...

5.4AI score0.01204EPSS
Exploits3References1
Rows per page
Query Builder