https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 05:21:37 +0000 https://vulnerability.circl.lu/sighting/5e24505c-becb-4833-a53b-65c3f2a75662/export {"uuid": "5e24505c-becb-4833-a53b-65c3f2a75662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0661", "type": "seen", "source": "https://t.me/cibsecurity/41064", "content": "\u203c CVE-2022-0661 \u203c\n\nThe Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cross-site scripting (XSS) vulnerability. Further it is also possible to inject PHP code, leading to a Remote Code execution (RCE) vulnerability, even if the DISALLOW_FILE_EDIT and DISALLOW_FILE_MOD constants are both set.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T22:23:51.000000Z"} {"uuid": "5e24505c-becb-4833-a53b-65c3f2a75662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0661", "type": "seen", "source": "https://t.me/cibsecurity/41064", "content": "\u203c CVE-2022-0661 \u203c\n\nThe Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cross-site scripting (XSS) vulnerability. Further it is also possible to inject PHP code, leading to a Remote Code execution (RCE) vulnerability, even if the DISALLOW_FILE_EDIT and DISALLOW_FILE_MOD constants are both set.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T22:23:51.000000Z"} https://vulnerability.circl.lu/sighting/5e24505c-becb-4833-a53b-65c3f2a75662/export Mon, 18 Apr 2022 22:23:51 +0000