{"vulnerability": "CVE-2022-3244", "sightings": [{"uuid": "7bbe391b-4998-480a-9e61-23b9bbe46fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3244", "type": "seen", "source": "https://t.me/cibsecurity/51565", "content": "\u203c CVE-2022-3244 \u203c\n\nThe Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T16:13:10.000000Z"}, {"uuid": "6e43bae9-0401-40f5-b632-f4edb283da1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32449", "type": "seen", "source": "https://t.me/cibsecurity/45774", "content": "\u203c CVE-2022-32449 \u203c\n\nTOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T22:15:45.000000Z"}, {"uuid": "2e18eeca-c6b3-413c-aa35-7d7e585d9c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32442", "type": "seen", "source": "https://t.me/cibsecurity/44747", "content": "\u203c CVE-2022-32442 \u203c\n\nu5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? \"Onmouseover=%27tzgl (96502)%27bad=\", it can cause html injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T20:22:56.000000Z"}, {"uuid": "218e8e29-e6a8-4a67-92c0-b59a0b433db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32441", "type": "seen", "source": "https://t.me/cibsecurity/45744", "content": "\u203c CVE-2022-32441 \u203c\n\nA memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T18:23:22.000000Z"}, {"uuid": "801e9f8c-0ff8-4e78-9770-427344e9ba2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-32444", "type": "seen", "source": "https://t.me/cibsecurity/44746", "content": "\u203c CVE-2022-32444 \u203c\n\nAn issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T20:22:55.000000Z"}, {"uuid": "e448cad9-2653-457b-aa5a-5c1d519c8713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3244", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16165", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3244\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T15:55:04.083Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/de4bc449-3dd4-4776-943f-ac59ae813132", "creation_timestamp": "2025-05-13T16:30:47.000000Z"}]}