CVE-2022-3062

CVE-2022-3062: Simple File List < 4.4.12 - Reflected Cross-Site Scripting

Vendor Unknown

Product Simple File List

Weakness CWE-79 · XSS

Published September 26, 2022

Last update May 22, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting

Key dates

02Disclosure timeline

September 26, 2022 CVE published

May 22, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-3062

Related vulnerabilities

04Related CVE

CVE-2022-0565 Cross-site Scripting in pimcore/pimcore CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-29112 WordPress WooCommerce Google Feed Manager plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability CVE-2021-47858 Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting CVE-2025-53482 IPInfo: Message key XSS through several IPInfo messages in infobox and popup