{"vulnerability": "cve-2022-1474", "sightings": [{"uuid": "7f5b374b-68d3-4596-897f-2116e8a6fe2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1474", "type": "seen", "source": "https://t.me/cibsecurity/45925", "content": "\u203c CVE-2022-1474 \u203c\n\nThe WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-11T16:19:36.000000Z"}, {"uuid": "cd69dcbe-6529-49a1-93a0-5e120f650980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1474", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/1238", "content": "SCodeScanner stands for Source Code scanner (https://www.kitploit.com/search/label/Scanner) where the user can scans (https://www.kitploit.com/search/label/Scans) the source code for finding the Critical Vulnerabilities. The main objective for this scanner is to find the vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) inside the source code before code gets published in Prod.\nFeaturesSupported  PHP (https://github.com/agrawalsmart7/scodescanner/tree/main/src/php) Language\nSupported YAML (https://github.com/agrawalsmart7/scodescanner/tree/main/src/yaml) Language\nPass results to bug tracking (https://www.kitploit.com/search/label/Tracking) services like Jira also Slack (https://www.kitploit.com/search/label/Slack) (Sending files to group to multiple people at once).\nGives results in JSON format, which can easily be used to any other program.Works with Rules. We only need to create some rules which the target rule is not present in php/yaml directory.Rules that can scan advance patternsAchievementsSCodeScanner received 5 CVEs for finding vulnerabilities in multiple CMS plugins.CVE-2022-1465CVE-2022-1474CVE-2022-1527CVE-2022-1532CVE-2022-1604How to run?Download the repository -\nRun pip3 install -r requirements.txt \nAnd run python3 scscanner.py --help \nFeedback/ImporvementsI would love to hear your feedback on this tool. Open issues if you found any. And open PR request if you have something.ContactUtkarsh Agrawal (https://twitter.com/agrawalsmart7)\nWebsite (https://smart7.in/)\n\nDownload Scodescanner (https://github.com/agrawalsmart7/scodescanner)", "creation_timestamp": "2022-09-23T11:56:44.000000Z"}]}