WPScanTeam

Title	CVE ID	CVSS	Vector	Date
Analytify <= 4.2.0 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 20, 2022
Checkout Fields Manager for WooCommerce <= 5.5.6 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Real Cookie Banner <= 2.18.1 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Easy Testimonials <= 3.8 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Table Rate Shipping Method for WooCommerce by Flexible Shipping <= 4.11.8 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Gravity PDF <= 6.3.0 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Clearfy Cache <= 2.0.4 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 14, 2022
Export any WordPress data to XML/CSV <= 1.3.5 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 7, 2022
Browser and Operating System Finder <= 1.2 - Missing Authorization		6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L	June 2, 2022
Woody code snippets <= 2.4.5 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 2, 2022
ShortPixel Image Optimizer <= 4.22.9 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 2, 2022
Spectra – WordPress Gutenberg Blocks <= 1.25.5 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 31, 2022
Video Conferencing with Zoom <= 3.9.2 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 31, 2022
Automatic Domain Changer <= 2.0.2 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 31, 2022
Visualizer <= 3.7.6 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 31, 2022
CURCY <= 2.1.17 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 31, 2022
New User Approve <= 2.4 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 30, 2022
Ask Me <= 6.8.1 - Cross-Site Request Forgery	CVE-2022-1424	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	May 16, 2022
WPify Woo Czech <= 3.5.6 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 16, 2022
External Links in New Window / New Tab <= 1.42 - Unauthenticated Stored Cross-Site Scripting	CVE-2022-1582	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 9, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation