What the vulnerability does
01Description
Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress.
CVE-2022-30536
LOW
CVE-2022-30536: WordPress WP Maintenance plugin <= 6.0.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
CVSS base score
3.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N
Key dates
02Disclosure timeline
July 21, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-41200 STIG Manager has reflected XSS vulnerability in the Web App
CVE-2024-34795 WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability
CVE-2021-34659 Plugmatter Pricing Table Lite <= 1.0.32 Reflected Cross-Site Scripting
CVE-2024-43359 XSS vulnerabilities in montagereview
CVE-2023-47853 WordPress myCred Plugin <= 2.6.1 is vulnerable to Cross Site Scripting (XSS)
