CVE-2022-2383
MEDIUM EXPLOITED NUCLEIFeed Them Social < 3.0.1 - Reflected Cross-Site Scripting
Title source: llmExploitation Summary
CVE-2022-2383 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
The Feed Them Social WordPress plugin before 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Nuclei Templates (1)
WordPress Feed Them Social <3.0.1 - Cross-Site Scripting
MEDIUMVERIFIEDby akincibor
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/4a3b3023-e740-411c-a77c-6477b80d7531
Scores
CVSS v3
6.1
EPSS
0.0469
EPSS Percentile
90.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
VulnCheck KEV
2022-07-26
CWE
CWE-79
Status
published
Products (1)
slickremix/feed_them_social
< 3.0.1
Published
Aug 22, 2022
Tracked Since
Feb 18, 2026