{"vulnerability": "cve-2022-4717", "sightings": [{"uuid": "7e4dc835-27b1-4a3e-95c8-b3df9ebd1826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4717", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8781", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4717\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Strong Testimonials WordPress plugin before 3.0.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\ud83d\udccf Published: 2023-02-06T19:59:15.762Z\n\ud83d\udccf Modified: 2025-03-25T20:42:26.553Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/14b679f5-44a8-46d4-89dd-94eb647cb672", "creation_timestamp": "2025-03-25T21:25:30.000000Z"}, {"uuid": "0337be97-55f8-46e0-b4da-d6c6cc4f78e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47172", "type": "seen", "source": "https://t.me/cibsecurity/66830", "content": "\u203c CVE-2022-47172 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <=\u00c2\u00a02.6.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T18:40:28.000000Z"}, {"uuid": "ee8b1e53-04de-47b0-83c4-e21b8f9cd53b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47179", "type": "seen", "source": "https://t.me/cibsecurity/59111", "content": "\u203c CVE-2022-47179 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-28T18:27:55.000000Z"}, {"uuid": "2e710b64-5abe-4779-adcf-02a8864e2c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47176", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646164791415079", "content": "", "creation_timestamp": "2024-12-13T15:14:17.565975Z"}, {"uuid": "73db3a03-8525-4c7a-abb4-23d0379f0b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47175", "type": "seen", "source": "https://t.me/cibsecurity/71709", "content": "\u203c CVE-2022-47175 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <=\u00c2\u00a01.3.75 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T16:26:34.000000Z"}, {"uuid": "4708e773-f06e-415b-b188-0809a324454c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47170", "type": "seen", "source": "https://t.me/cibsecurity/60879", "content": "\u203c CVE-2022-47170 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.48 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T12:39:00.000000Z"}]}