What the vulnerability does
01Description
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress.
CVE-2022-36405
MEDIUM
CVE-2022-36405: WordPress amCharts: Charts and Maps plugin <= 1.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
August 23, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-24895 Cybersoldier < 1.7.0 - Admin+ Stored Cross-Site Scripting
CVE-2023-38359 IBM Cognos Analytics cross-site scripting
CVE-2024-8274 WP Booking Calendar <= 10.5 - Reflected Cross-Site Scripting
CVE-2022-0936 Cross-site Scripting (XSS) - Stored in autolab/autolab
CVE-2024-13588 Simplebooklet PDF Viewer and Embedder <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
