CVE-2023-22706
published 2023-05-15CVE-2023-22706: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions.
PriorityP422medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.38%
30.1th percentile
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| propertyhive | propertyhive | n/a – 1.5.48 | — |
| wp-property-hive | propertyhive | <= 1.5.48 | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cisa7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f7fj-3335-3232: Unauth
ghsa_unreviewed·2023-07-06
CVE-2023-22706 [MEDIUM] CWE-79 GHSA-f7fj-3335-3232: Unauth
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions.
CISA
Arm Mali GPU Kernel Driver Unspecified Vulnerability
cisa·2023-03-30·CVSS 7.8
CVE-2022-22706 [HIGH] CWE-119 Arm Mali GPU Kernel Driver Unspecified Vulnerability
Vulnerability: Arm Mali GPU Kernel Driver Unspecified Vulnerability
Affected: Arm Mali Graphics Processing Unit (GPU)
Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.
Required Action: Apply updates per vendor instructions.
Notes: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2022-22706
Remediation Due Date: 2023-04-20
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-1-5-47-reflected-cross-site-scripting-xss-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-1-5-47-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
2023-05-15
Published