CVE-2022-4736 LOW

CVE-2022-4736: Venganzas del Pasado cross site scripting

Vendor N/A

Product Venganzas del Pasado

Weakness CWE-79 · XSS

Published December 25, 2022

Last update April 10, 2025

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in Venganzas del Pasado and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument the_title leads to cross site scripting. The attack may be launched remotely. The name of the patch is 62339b2ec445692c710b804bdf07aef4bd247ff7. It is recommended to apply a patch to fix this issue. VDB-216770 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

December 25, 2022 CVE published

April 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-4736

Related vulnerabilities

04Related CVE

CVE-2025-11963 Reflected XSS in Saysis's StarCities CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget CVE-2025-32526 WordPress Zephyr Project Manager plugin <= 3.3.101 - Cross Site Scripting (XSS) vulnerability CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes CVE-2024-10869 GuardGiant Brute Force Protection <= 2.2.6 - Reflected Cross-Site Scripting