Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-1268PUBLISHED: 2022-05-23The Donate Extra WordPress plugin through 2.02 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected cross-Site Scripting
CVE-2022-1298PUBLISHED: 2022-05-23The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CVE-2022-1320PUBLISHED: 2022-05-23The Sliderby10Web WordPress plugin before 1.2.52 does not properly sanitize and escape some of its settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
CVE-2022-1547PUBLISHED: 2022-05-23The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
CVE-2022-1558PUBLISHED: 2022-05-23The Curtain WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed
User Rank: Apprentice
12/1/2011 | 7:31:01 PM
But what their software is doing is recording my keystrokes in my phone that may or may not be sent over their network, then covertly sending it to them... even over Wi-fi connections that are NOT THEIR NETWORK. They are recording my notepad entries, calender entries, grocery lists.
Paint is grey if you wish, but it is still black and white.