{"vulnerability": "cve-2022-4536", "sightings": [{"uuid": "1269c3ed-5da0-4b59-8254-45db16428cfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45365", "type": "seen", "source": "https://t.me/ctinow/166336", "content": "https://ift.tt/tk2a7EI\nCVE-2022-45365 | Aleksandar Uro\u0161evi\u0107 Stock Ticker Plugin up to 3.23.2 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T07:51:23.000000Z"}, {"uuid": "31cc3316-9c5a-431b-9542-c7753c4cbcb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45362", "type": "seen", "source": "https://t.me/ctinow/160905", "content": "https://ift.tt/s0f6POJ\nCVE-2022-45362 | Paytm Payment Gateway Plugin up to 2.7.0 on WordPress server-side request forgery", "creation_timestamp": "2023-12-30T15:32:07.000000Z"}, {"uuid": "48766593-947b-4b39-861e-a435f4141a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4536", "type": "seen", "source": "https://t.me/cvedetector/4574", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-4536 - IP Vault \u2013 WP Firewall IP Address Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-4536 \nPublished : Aug. 31, 2024, 9:15 a.m. | 19\u00a0minutes ago \nDescription : The IP Vault \u2013 WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-31T11:42:56.000000Z"}, {"uuid": "7e9528d3-8e93-4835-8974-8a95899500c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45362", "type": "seen", "source": "https://t.me/arpsyndicate/1546", "content": "#ExploitObserverAlert\n\nCVE-2022-45362\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45362.", "creation_timestamp": "2023-12-08T11:14:03.000000Z"}, {"uuid": "b62a530a-d54b-423d-a321-ee8a9e6b5354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45364", "type": "seen", "source": "https://t.me/cibsecurity/64704", "content": "\u203c CVE-2022-45364 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload \u00e2\u20ac\u201c Contact Form 7 plugin <=\u00c2\u00a01.3.6.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-24T20:27:28.000000Z"}, {"uuid": "1f398245-86c8-44ac-9b07-1500ddeefe76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45363", "type": "seen", "source": "https://t.me/cibsecurity/53319", "content": "\u203c CVE-2022-45363 \u203c\n\nAuth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T12:12:48.000000Z"}]}