{"vulnerability": "cve-2022-4507", "sightings": [{"uuid": "8d363fc5-21bf-4b3d-8899-86593915cdee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4507", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10526", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4507\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Real Cookie Banner WordPress plugin before 3.4.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins.\n\ud83d\udccf Published: 2023-01-16T15:37:55.105Z\n\ud83d\udccf Modified: 2025-04-04T18:12:06.867Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/93c61a70-5624-4c4d-ac3a-c598aec4f8b6", "creation_timestamp": "2025-04-04T18:36:22.000000Z"}, {"uuid": "1066a743-bdc5-41a9-bb7b-385fcfd31d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45079", "type": "seen", "source": "https://t.me/cibsecurity/64515", "content": "\u203c CVE-2022-45079 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin &lt;=\u00c2\u00a01.7.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T14:25:25.000000Z"}, {"uuid": "65749db0-f646-454b-bf33-ceb92a47ab96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4507", "type": "seen", "source": "https://t.me/cibsecurity/56552", "content": "\u203c CVE-2022-4507 \u203c\n\nThe Real Cookie Banner WordPress plugin before 3.4.10 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:24:28.000000Z"}, {"uuid": "c7fb3392-544a-4907-9fdd-0b75e5a55910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45074", "type": "seen", "source": "https://t.me/cibsecurity/62669", "content": "\u203c CVE-2022-45074 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited Activity Reactions For Buddypress plugin &lt;=\u00c2\u00a01.0.22 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-23T16:33:27.000000Z"}, {"uuid": "2d64705d-303e-475c-a110-3d399cc1b0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45071", "type": "seen", "source": "https://t.me/cibsecurity/53110", "content": "\u203c CVE-2022-45071 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin &lt;= 4.5.13 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T00:17:59.000000Z"}, {"uuid": "61cce554-4985-4a7f-ab53-2b9fd5c4908c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45072", "type": "seen", "source": "https://t.me/cibsecurity/53105", "content": "\u203c CVE-2022-45072 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin &lt;= 4.5.13 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T00:17:52.000000Z"}, {"uuid": "01e754de-abaf-44b3-9fe0-af47bab8fbe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45076", "type": "seen", "source": "https://t.me/cibsecurity/64524", "content": "\u203c CVE-2022-45076 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin &lt;=\u00c2\u00a02.3.8 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T14:25:40.000000Z"}]}