Lucene search
China National Vulnerability DatabaseCNVD-2022-67604HistoryApr 01, 2022 - 12:00 a.m.
WordPress CleanTalk plugin cross-site scripting vulnerability
2022-04-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
34.0%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress application plugin. WordPress CleanTalk plugin 5.173 and earlier versions have a cross-site scripting vulnerability that originates in /lib/Cleantalk/ ApbctWP/FindSpam/ListTable/Users.php. The page parameter in the column_ct_username function in /lib/Cleantalk/FindSpam/ListTable/Users.php lacks input and output data validation filters. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cleantalk plugin | le | 5.173 |
Related
patchstack
patchstack
prion
prion
Cross site scripting
2022-04-19 21:15:00
nvd
nvd
CVE-2022-28222
2022-04-19 21:15:18
cve
cve
CVE-2022-28222
2022-04-19 21:15:18
osv
osv
CVE-2022-28222
2022-04-19 21:15:18
cvelist
cvelist
CVE-2022-28222 CleanTalk AntiSpam <= 5.173 Reflected XSS
2022-04-19 20:26:39
zdt
zdt
WordPress CleanTalk 5.173 Cross Site Scripting Vulnerability
2022-03-30 00:00:00
packetstorm
packetstorm
WordPress CleanTalk 5.173 Cross Site Scripting
2022-03-30 00:00:00
wpvulndb
wpvulndb
wordfence
wordfence
Reflected XSS in Spam protection, AntiSpam, FireWall by CleanTalk
2022-03-30 13:11:19