What the vulnerability does
01Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Usersnap plugin <= 4.16 versions.
CVE-2022-47607
MEDIUM
CVE-2022-47607: WordPress Usersnap Plugin <= 4.16 is vulnerable to Cross Site Scripting (XSS)
CVSS base score
5.9/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Key dates
02Disclosure timeline
March 29, 2023
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-39423 Stored XSS via Eval Injection in EchartsRander Component
CVE-2017-20177 WangGuard Plugin WGG User List wangguard-user-info.php wangguard_users_info cross site scripting
CVE-2025-52753 WordPress Contact Form by Supsystic plugin <= 1.7.36 - Cross Site Scripting (XSS) vulnerability
CVE-2021-26947
CVE-2025-4323 MRCMS Edit Article Page cross site scripting
