Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:29 p.m.5 views

CVE-2022-4467

The Search & Filter WordPress plugin before 1.2.16 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References1
OSV
OSV
added 2023/01/23 3:15 p.m.5 views

CVE-2022-4467

The Search & Filter WordPress plugin before 1.2.16 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.8AI score0.00471EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.4 views

CVE-2022-4467 Search & Filter < 1.2.16 - Contributor+ Stored XSS

The Search & Filter WordPress plugin before 1.2.16 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

6.1AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/01/23 2:31 p.m.79 views

CVE-2022-4467

The CVE-2022-4467 entry concerns the WordPress plugin Search & Filter prior to version 1.2.16. The vulnerability is a Stored XSS flaw caused by insufficient validation and escaping of certain shortcode attributes before output, allowing users with as little as a contributor role to inject script ...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder