https://vulnerability.circl.lu/sightings/feed 2026-05-10T12:57:58.587403+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/d20c0839-fe2a-4cbe-ab24-fd3ffa1c5634/export 2026-05-10T12:57:58.994466+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d20c0839-fe2a-4cbe-ab24-fd3ffa1c5634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0376", "type": "seen", "source": "https://t.me/cibsecurity/43547", "content": "\u203c CVE-2022-0376 \u203c\n\nThe User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-30T12:18:12.000000Z"} 2022-05-30T12:18:12+00:00