CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. ...

6.1CVSS6.3AI score0.00213EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:51 p.m.•7 views

CVE-2022-4260

The WP-Ban WordPress plugin before 1.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.6AI score0.00613EPSS

Exploits2References1

RedhatCVE•added 2025/02/05 4:9 a.m.•1 views

CVE-2024-54440

Cross-Site Request Forgery CSRF vulnerability in blueskyy WP-Ban-User wp-ban-user allows Stored XSS.This issue affects WP-Ban-User: from n/a through = 1.0...

7.1CVSS7.2AI score0.0011EPSS

Exploits0References1

NVD•added 2024/12/16 3:15 p.m.•4 views

CVE-2024-54440

Cross-Site Request Forgery CSRF vulnerability in blueskyy WP-Ban-User wp-ban-user allows Stored XSS.This issue affects WP-Ban-User: from n/a through = 1.0...

7.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2024/12/16 2:13 p.m.•32 views

CVE-2024-54440

CVE-2024-54440 is a CSRF to Stored XSS vulnerability in the WP-Ban-User WordPress plugin (

7.1CVSS7.2AI score0.0011EPSS

Exploits0References1

Cvelist•added 2024/12/16 2:13 p.m.•11 views

CVE-2024-54440 WordPress WP-Ban-User plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in blueskyy WP-Ban-User wp-ban-user allows Stored XSS.This issue affects WP-Ban-User: from n/a through = 1.0...

7.1CVSS0.0011EPSS

Exploits0References1

Vulnrichment•added 2024/12/16 2:13 p.m.•6 views

CVE-2024-54440 WordPress WP-Ban-User plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in blueskyy WP-Ban-User allows Stored XSS.This issue affects WP-Ban-User: from n/a through 1.0...

7.1CVSS6.8AI score0.0011EPSS

Exploits0References1

Positive Technologies•added 2024/12/16 12:0 a.m.•1 views

PT-2024-36331 · Bluesky · Blueskyy Wp-Ban-User

Name of the Vulnerable Software and Affected Versions: blueskyy WP-Ban-User versions 1.0 and earlier Description: A Cross-Site Request Forgery CSRF issue in blueskyy WP-Ban-User allows Stored XSS. This means an attacker can perform actions on behalf of a user without their knowledge, potentially...

7.1CVSS6.8AI score0.0011EPSS

Exploits0References4

NVD•added 2023/01/02 10:15 p.m.•15 views

CVE-2022-4260

4.8CVSS4.7AI score0.00613EPSS

Exploits2References1

Prion•added 2023/01/02 10:15 p.m.•12 views

Cross site scripting

4.3CVSS4.7AI score0.00613EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/01/02 9:49 p.m.•8 views

CVE-2022-4260 WP-Ban < 1.69.1 - Admin+ Stored XSS

4.7AI score0.00613EPSS

Exploits2References1

CVE•added 2023/01/02 9:49 p.m.•78 views

CVE-2022-4260

CVE-2022-4260 affects the WordPress WP-Ban plugin prior to 1.69.1. Affected component: plugin settings handling, where input is not fully sanitized/escaped. Root cause: stored XSS could be triggered by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (e.g., multisite)....

4.8CVSS4.7AI score0.00613EPSS

Exploits2References1Affected Software1

CNNVD•added 2023/01/02 12:0 a.m.•2 views

WordPress plugin WP-Ban 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS4.9AI score0.00613EPSS

Exploits2References2

NVD•added 2022/12/21 7:15 p.m.•5 views

CVE-2022-4631

6.1CVSS0.00213EPSS

Exploits0References2