{"vulnerability": "CVE-2022-4325", "sightings": [{"uuid": "743bb260-142f-4d9c-ab42-baa93ce9a9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4325", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4325\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Post Status Notifier Lite WordPress plugin before 1.10.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high privilege users such as admin.\n\ud83d\udccf Published: 2023-01-09T22:13:46.493Z\n\ud83d\udccf Modified: 2025-04-09T17:40:45.895Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/5b983c48-6b05-47cf-85cb-28bbeec17395", "creation_timestamp": "2025-04-09T17:47:50.000000Z"}, {"uuid": "ec02176a-53de-4a29-9a22-984cdfe53838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4325", "type": "seen", "source": "https://t.me/cibsecurity/56197", "content": "\u203c CVE-2022-4325 \u203c\n\nThe Post Status Notifier Lite WordPress plugin before 1.10.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high privilege users such as admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:12.000000Z"}, {"uuid": "32ee0db0-6cfe-4b6c-b20f-3f73a8387d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43250", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14619", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43250\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\ud83d\udccf Published: 2022-11-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T20:36:50.530Z\n\ud83d\udd17 References:\n1. https://github.com/strukturag/libde265/issues/346\n2. https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html\n3. https://www.debian.org/security/2023/dsa-5346", "creation_timestamp": "2025-05-02T21:16:45.000000Z"}, {"uuid": "48b735d3-ebab-45b1-92e7-a7a83cf94909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43259", "type": "seen", "source": "https://t.me/cibsecurity/51685", "content": "\u203c CVE-2022-43259 \u203c\n\nTenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T18:14:32.000000Z"}, {"uuid": "181bf074-2726-41aa-8ada-337800484ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43253", "type": "seen", "source": "https://t.me/cibsecurity/52459", "content": "\u203c CVE-2022-43253 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:47.000000Z"}, {"uuid": "1daf6028-8f75-4eee-87ed-a84d1e2935d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43250", "type": "seen", "source": "https://t.me/cibsecurity/52474", "content": "\u203c CVE-2022-43250 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:10.000000Z"}, {"uuid": "bc5f1671-ba1b-4e75-9e5a-06c0275be184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43255", "type": "seen", "source": "https://t.me/cibsecurity/52473", "content": "\u203c CVE-2022-43255 \u203c\n\nGPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:09.000000Z"}, {"uuid": "32721332-f495-41f1-8f07-6130b6592b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43252", "type": "seen", "source": "https://t.me/cibsecurity/52465", "content": "\u203c CVE-2022-43252 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:56.000000Z"}]}