Total
38440 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36533 | 2 Linux, Syncovery | 2 Linux Kernel, Syncovery | 2024-11-21 | N/A | 5.4 MEDIUM |
| Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2022-36530 | 1 Rageframe | 1 Rageframe | 2024-11-21 | N/A | 6.1 MEDIUM |
| An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page. | |||||
| CVE-2022-36527 | 1 Jflyfox | 1 Jfinal Cms | 2024-11-21 | N/A | 5.4 MEDIUM |
| Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module. | |||||
| CVE-2022-36428 | 1 Rockcontent | 1 Rock Convert | 2024-11-21 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Stage Rock Convert plugin <= 2.11.0 on WordPress. | |||||
| CVE-2022-36417 | 1 3d Tag Cloud Project | 1 3d Tag Cloud | 2024-11-21 | N/A | 6.1 MEDIUM |
| Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in 3D Tag Cloud plugin <= 3.8 at WordPress. | |||||
| CVE-2022-36405 | 1 Amcharts | 1 Amcharts\ | 2024-11-21 | N/A | 5.4 MEDIUM |
| Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress. | |||||
| CVE-2022-36390 | 1 Total-soft | 1 Event Calendar | 2024-11-21 | N/A | 4.1 MEDIUM |
| Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress. | |||||
| CVE-2022-36383 | 1 Webhelpagency | 1 Wha Wordsearch | 2024-11-21 | N/A | 5.4 MEDIUM |
| Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Word Search Puzzles game plugin <= 2.0.1 at WordPress. | |||||
| CVE-2022-36378 | 1 Floating Div Project | 1 Floating Div | 2024-11-21 | N/A | 4.8 MEDIUM |
| Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. | |||||
| CVE-2022-36365 | 1 Webhelpagency | 1 Wha Crossword | 2024-11-21 | N/A | 5.4 MEDIUM |
| Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Crossword plugin <= 1.1.10 at WordPress. | |||||
| CVE-2022-36357 | 1 Webpsilon | 1 Ultimate Tables | 2024-11-21 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webpsilon ULTIMATE TABLES plugin <= 1.6.5 versions. | |||||
| CVE-2022-36356 | 1 Culture Object Project | 1 Culture Object | 2024-11-21 | N/A | 4.8 MEDIUM |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy / Thirty8 Digital Culture Object plugin <= 4.0.1 at WordPress. | |||||
| CVE-2022-36355 | 1 Easy Org Chart Project | 1 Easy Org Chart | 2024-11-21 | N/A | 5.4 MEDIUM |
| Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Easy Org Chart plugin <= 3.1 at WordPress. | |||||
| CVE-2022-36347 | 1 Thealpinepress | 1 Alpine Phototile For Pinterest | 2024-11-21 | N/A | 4.8 MEDIUM |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at WordPress. | |||||
| CVE-2022-36343 | 1 Ideastocode | 1 Enable Svg\, Webp \& Ico Upload | 2024-11-21 | N/A | 3.4 LOW |
| Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | |||||
| CVE-2022-36341 | 1 As - Create Pinterest Pinboard Pages Project | 1 As - Create Pinterest Pinboard Pages | 2024-11-21 | N/A | 5.4 MEDIUM |
| Authenticated (subscriber+) plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin <= 1.0 at WordPress. | |||||
| CVE-2022-36311 | 1 Airspan | 2 Airvelocity 1500, Airvelocity 1500 Firmware | 2024-11-21 | N/A | 6.1 MEDIUM |
| Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vulnerable to injection leading to XSS in the SNMP community field in the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models. | |||||
| CVE-2022-36305 | 1 Vestacp | 1 Vesta Control Panel | 2024-11-21 | N/A | 6.1 MEDIUM |
| Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php. | |||||
| CVE-2022-36304 | 1 Vestacp | 1 Vesta Control Panel | 2024-11-21 | N/A | 6.1 MEDIUM |
| Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the generate_response function at /web/api/v1/upload/UploadHandler.php. | |||||
| CVE-2022-36303 | 1 Vestacp | 1 Vesta Control Panel | 2024-11-21 | N/A | 6.1 MEDIUM |
| Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the handle_file_upload function at /web/api/v1/upload/UploadHandler.php. | |||||