CVE-2022-36244

CVE-2022-36244: Multiple Stored Cross-Site Scripting Vulnerabilities on Shop Beat Services

Vendor Shop Beat

Product studio

Weakness CWE-79 · XSS

Published May 30, 2023

Last update January 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS) vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za.

Key dates

02Disclosure timeline

May 30, 2023 CVE published

January 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-36244 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2023-45005 WordPress Seriously Simple Stats Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS) CVE-2025-61949 CVE-2026-48228 Open ISES Tickets < 3.44.2 Reflected XSS via patient_w.php id and ticket_id Parameters CVE-2024-51590 WordPress Hoo Addons for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability CVE-2025-6677 Paragraphs table - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-084