Lista CVE 2022/45xxx

CVE nel gruppo: 45xxx

CVE-2022-45063 (N/A)

CVE-2022-45064 (N/A)

CVE-2022-45065 (Apache Sling Engine: Include-based XSS)

CVE-2022-45066 (WordPress SEO Plugin by Squirrly SEO Plugin <= 12.1.20 is vulnerable to Cross Site Scripting (XSS))

CVE-2022-45067 (WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability)

CVE-2022-45068 (WordPress Exclusive Addons Elementor Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45069 (WordPress Mercado Pago payments for WooCommerce Plugin <= 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45070 (WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability)

CVE-2022-45071 (WordPress Conditional Checkout Fields for WooCommerce plugin <= 1.2.3 - Broken Authentication vulnerability)

CVE-2022-45072 (WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-45073 (WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-45074 (WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2022-45076 (WordPress Activity Reactions For Buddypress Plugin <= 1.0.22 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45077 (WordPress Flexible Elementor Panel Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45078 (WordPress Betheme theme <= 26.5.1.4 - Auth. PHP Object Injection vulnerability)

CVE-2022-45079 (WordPress User Blocker Plugin <= 1.5.5 is vulnerable to CSV Injection)

CVE-2022-45080 (WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45082 (WordPress Add Multiple Marker Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2022-45083 (WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities)

CVE-2022-45084 (WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection)

CVE-2022-45085 (WordPress Loginizer Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS))

CVE-2022-45086 (Server-Side Request Forgery in Smartpower Web)

CVE-2022-45087 (Cross-site Scripting in Smartpower Web)

CVE-2022-45088 (Cross-site Scripting in Smartpower Web)

CVE-2022-45089 (Local File Inclusion in Smartpower Web)

CVE-2022-45090 (SQL Injection in Smartpower Web)

CVE-2022-45091 (SQL Injection in Smartpower Web)

CVE-2022-45092 (Cross-site Scripting in Smartpower Web)

CVE-2022-45093 (N/A)

CVE-2022-45094 (N/A)

CVE-2022-45095 (N/A)

CVE-2022-45096 (N/A)

CVE-2022-45097 (N/A)

CVE-2022-45098 (N/A)

CVE-2022-45099 (N/A)

CVE-2022-45100 (N/A)

CVE-2022-45101 (N/A)

CVE-2022-45102 (N/A)

CVE-2022-45103 (N/A)

CVE-2022-45104 (N/A)

CVE-2022-45109 (N/A)

CVE-2022-45112 (N/A)

CVE-2022-45113 (N/A)

CVE-2022-45115 (N/A)

CVE-2022-45118 (N/A)

CVE-2022-45119 (Telephony in communication subsystem sends public events with personal data, but the permission is not set.)

CVE-2022-45121 (N/A)

CVE-2022-45122 (CVE-2022-45121)

CVE-2022-45124 (N/A)

CVE-2022-45126 (N/A)

CVE-2022-45127 (Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.)

CVE-2022-45128 (CVE-2022-45127)

CVE-2022-45129 (N/A)

CVE-2022-45130 (N/A)

CVE-2022-45132 (N/A)

CVE-2022-45135 (N/A)

CVE-2022-45136 (Apache Cocoon: SQL injection in DatabaseCookieAuthenticatorAction)

CVE-2022-45137 (Apache Jena SDB allows arbitrary deserialisation via JDBC)

CVE-2022-45138 (WAGO: Reflective Cross-Site Scripting)

CVE-2022-45139 (WAGO: Missing Authentication for Critical Function)