{"vulnerability": "cve-2022-4784", "sightings": [{"uuid": "dc369161-7b40-431e-8d29-7fc4c389d331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4784", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7560", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4784\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Hueman Addons WordPress plugin through 2.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks\n\ud83d\udccf Published: 2023-02-21T08:50:50.067Z\n\ud83d\udccf Modified: 2025-03-14T13:56:39.577Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/a30c6f1e-62fd-493d-ad5e-1b55ceec62a9", "creation_timestamp": "2025-03-14T14:45:17.000000Z"}, {"uuid": "5db5de22-7035-448d-9fa7-eefd69219022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47848", "type": "seen", "source": "https://t.me/cibsecurity/70600", "content": "\u203c CVE-2022-47848 \u203c\n\nAn issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01 and Vtech IAD604-IL versions BZ_2.02.07.09.13.01, BZ_2.02.07.09.13T, and BZ_2.02.07.09.09T, allows remote attackers to gain sensitive information via rootDesc.xml page of the UPnP service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T20:25:34.000000Z"}, {"uuid": "f86673a6-eb6d-4d64-9c50-c1bea9aac505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4784", "type": "seen", "source": "https://t.me/cibsecurity/58572", "content": "\u203c CVE-2022-4784 \u203c\n\nThe Hueman Addons WordPress plugin through 2.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T12:16:47.000000Z"}]}