{"vulnerability": "CVE-2022-4693", "sightings": [{"uuid": "486e3be3-1d00-4530-9c81-229474f82bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46934", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9134", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46934\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: kkFileView v4.1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.\n\ud83d\udccf Published: 2023-02-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-27T16:10:32.387Z\n\ud83d\udd17 References:\n1. https://github.com/kekingcn/kkFileView/issues/411", "creation_timestamp": "2025-03-27T16:26:59.000000Z"}, {"uuid": "1a0390d0-203c-4b57-86f0-c436e869267b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4693", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10094", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4693\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user\u2019s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website.\n\ud83d\udccf Published: 2023-01-23T14:31:53.721Z\n\ud83d\udccf Modified: 2025-04-02T15:30:53.916Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/1eee10a8-135f-4b76-8289-c381ff1f51ea\n2. https://lana.codes/lanavdb/eeabe1d3-6f64-400a-8fb2-0865efdf6957", "creation_timestamp": "2025-04-02T15:33:22.000000Z"}, {"uuid": "617bf9ff-5c46-4028-b764-3a83f2babcc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46934", "type": "seen", "source": "https://t.me/cibsecurity/57348", "content": "\u203c CVE-2022-46934 \u203c\n\nkkFileView v4.1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T22:14:23.000000Z"}, {"uuid": "3aee9165-44bc-4f8d-a8f0-19fc4c3901c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4693", "type": "seen", "source": "https://t.me/cibsecurity/56854", "content": "\u203c CVE-2022-4693 \u203c\n\nThe User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user\u00e2\u20ac\u2122s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:31:12.000000Z"}]}