{"vulnerability": "CVE-2022-2785", "sightings": [{"uuid": "1f298560-1228-4e87-bcf4-2d46e0cf766f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27856", "type": "seen", "source": "https://t.me/cibsecurity/63735", "content": "\u203c CVE-2022-27856 \u203c\n\nAuth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <=\u00c2\u00a04.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T14:14:20.000000Z"}, {"uuid": "dc5f0f3e-e47e-4c7b-80bc-aa73ca39c9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27858", "type": "seen", "source": "https://t.me/cibsecurity/52678", "content": "\u203c CVE-2022-27858 \u203c\n\nCSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T22:35:42.000000Z"}, {"uuid": "14682eaa-456c-43e4-938b-fcbf71978cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27855", "type": "seen", "source": "https://t.me/cibsecurity/52669", "content": "\u203c CVE-2022-27855 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Fatcat Apps Analytics Cat plugin <= 1.0.9 on WordPress allows Plugin Settings Change.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T22:35:31.000000Z"}, {"uuid": "05a5b7c4-a5ce-4a66-9374-24dff5e37fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27859", "type": "seen", "source": "https://t.me/cibsecurity/44521", "content": "\u203c CVE-2022-27859 \u203c\n\nMultiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:23.000000Z"}, {"uuid": "5dd62da3-1fa2-4e7e-9964-3ff5f146e871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27854", "type": "seen", "source": "https://t.me/cibsecurity/41450", "content": "\u203c CVE-2022-27854 \u203c\n\nStored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher role via &wpt_test_page_submit_button_caption parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-26T22:37:19.000000Z"}, {"uuid": "90da3327-3562-4ef6-b9ee-52634b30c72d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27853", "type": "seen", "source": "https://t.me/cibsecurity/41033", "content": "\u203c CVE-2022-27853 \u203c\n\nAuthenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:30.000000Z"}, {"uuid": "254c5d00-0305-43e3-9a97-011c9f5359ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27851", "type": "seen", "source": "https://t.me/cibsecurity/40886", "content": "\u203c CVE-2022-27851 \u203c\n\nCross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T20:20:23.000000Z"}, {"uuid": "c12a0227-a785-4bfe-aabc-e565be5a2ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27850", "type": "seen", "source": "https://t.me/cibsecurity/40885", "content": "\u203c CVE-2022-27850 \u203c\n\nCross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T20:20:21.000000Z"}, {"uuid": "1adcd505-5e86-4255-ad11-29619535d47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27852", "type": "seen", "source": "https://t.me/cibsecurity/40881", "content": "\u203c CVE-2022-27852 \u203c\n\nMultiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T20:20:17.000000Z"}]}