https://vulnerability.circl.lu/sightings/feed 2026-05-04T09:57:42.542606+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/0290797d-44b2-4293-8045-3a9e9a7ba13d/export 2026-05-04T09:57:42.865227+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "0290797d-44b2-4293-8045-3a9e9a7ba13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45017", "type": "seen", "source": "https://t.me/cibsecurity/53241", "content": "\u203c CVE-2022-45017 \u203c\n\nA cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:12.000000Z"} 2022-11-21T18:37:12+00:00 https://vulnerability.circl.lu/sighting/8ff60ecd-b535-427d-b635-d2704700dd99/export 2026-05-04T09:57:42.865154+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8ff60ecd-b535-427d-b635-d2704700dd99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45016", "type": "seen", "source": "https://t.me/cibsecurity/53244", "content": "\u203c CVE-2022-45016 \u203c\n\nA cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:15.000000Z"} 2022-11-21T18:37:15+00:00 https://vulnerability.circl.lu/sighting/6c039880-8c9b-4d30-a58c-823645551c5b/export 2026-05-04T09:57:42.865076+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6c039880-8c9b-4d30-a58c-823645551c5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45015", "type": "seen", "source": "https://t.me/cibsecurity/53249", "content": "\u203c CVE-2022-45015 \u203c\n\nA cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:22.000000Z"} 2022-11-21T18:37:22+00:00 https://vulnerability.circl.lu/sighting/d9a4bd37-ad1e-4ea9-b2df-78077fe0b351/export 2026-05-04T09:57:42.864995+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "d9a4bd37-ad1e-4ea9-b2df-78077fe0b351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45013", "type": "seen", "source": "https://t.me/cibsecurity/53254", "content": "\u203c CVE-2022-45013 \u203c\n\nA cross-site scripting (XSS) vulnerability in the Show Advanced Option module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Section Header field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:30.000000Z"} 2022-11-21T18:37:30+00:00 https://vulnerability.circl.lu/sighting/a42a3728-7e15-41ca-b630-35156eb145d1/export 2026-05-04T09:57:42.864906+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a42a3728-7e15-41ca-b630-35156eb145d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45012", "type": "seen", "source": "https://t.me/cibsecurity/53242", "content": "\u203c CVE-2022-45012 \u203c\n\nA cross-site scripting (XSS) vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T00:38:38.000000Z"} 2022-11-22T00:38:38+00:00 https://vulnerability.circl.lu/sighting/0ddfd244-a3ff-477c-bdde-9cb80769decb/export 2026-05-04T09:57:42.864710+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "0ddfd244-a3ff-477c-bdde-9cb80769decb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4501", "type": "seen", "source": "https://t.me/cibsecurity/54562", "content": "\u203c CVE-2022-4501 \u203c\n\nThe Mega Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the vc_saving_data function in versions up to, and including, 4.2.7. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin's settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-15T00:22:56.000000Z"} 2022-12-15T00:22:56+00:00 https://vulnerability.circl.lu/sighting/598d70ad-4001-4c14-a402-b39702af483c/export 2026-05-04T09:57:42.864596+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "598d70ad-4001-4c14-a402-b39702af483c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45016\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T14:00:48.432Z\n\ud83d\udd17 References:\n1. https://github.com/WBCE/WBCE_CMS\n2. https://github.com/gozan10\n3. https://github.com/gozan10/cve/issues/5", "creation_timestamp": "2025-04-29T14:11:35.000000Z"} 2025-04-29T14:11:35+00:00 https://vulnerability.circl.lu/sighting/a454f78c-5065-4245-9d26-07093477a3c0/export 2026-05-04T09:57:42.862143+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a454f78c-5065-4245-9d26-07093477a3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45017", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45017\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T13:59:07.792Z\n\ud83d\udd17 References:\n1. https://github.com/WBCE/WBCE_CMS\n2. https://github.com/gozan10\n3. https://github.com/WBCE/WBCE_CMS/issues/525", "creation_timestamp": "2025-04-29T14:11:40.000000Z"} 2025-04-29T14:11:40+00:00