| CVE-2022-41634 | WordPress Media Library Folders plugin <= 7.1.1 - Cross-Site Request Forgery (CSRF) vulnerability | Max Foundry | Media Library Folders (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:27:02 | Deep Dive |
| CVE-2022-41135 | WordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerability | WPChill | Modula Image Gallery (WordPress plugin) | Medium | 6.5 | 2022-11-18 22:25:54 | Deep Dive |
| CVE-2022-41655 | WordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerability | AlgolPlus | Phone Orders for WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:22:14 | Deep Dive |
| CVE-2022-41643 | WordPress Accessibility plugin <= 1.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability | Octa Code | Accessibility (WordPress plugin) | Medium | 4.8 | 2022-11-18 22:21:01 | Deep Dive |
| CVE-2022-40963 | WordPress WP Page Builder plugin <= 1.2.6 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities | Themeum | WP Page Builder (WordPress plugin) | Medium | 4.8 | 2022-11-18 22:19:45 | Deep Dive |
| CVE-2022-41685 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Integration for Szamlazz.hu & WooCommerce and Csomagpontok és szállítási címkék WooCommerce hez plugins | Viszt Péter | Integration for Szamlazz.hu & WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:18:34 | Deep Dive |
| CVE-2022-42459 | WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability | Biplob Adhikari | Image Hover Effects Ultimate (WordPress plugin) | High | 7.2 | 2022-11-18 22:17:20 | Deep Dive |
| CVE-2022-40695 | WordPress SEO Redirection Plugin plugin <= 8.9 - Multiple Cross-Site Scripting (CSRF) vulnerabilities | WP-buy | SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:16:12 | Deep Dive |
| CVE-2022-42698 | WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerability | API2Cart | Api2Cart Bridge Connector (WordPress plugin) | Critical | 9.8 | 2022-11-18 22:15:04 | Deep Dive |
| CVE-2022-42497 | WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary Code Execution vulnerability | API2Cart | Api2Cart Bridge Connector (WordPress plugin) | Critical | 10.0 | 2022-11-18 22:12:43 | Deep Dive |
| CVE-2022-43492 | WordPress Comments – wpDiscuz plugin 7.4.2 - Auth. Insecure Direct Object References (IDOR) vulnerability | gVectors Team | Comments – wpDiscuz (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:08:14 | Deep Dive |
| CVE-2022-44740 | WordPress Creative Mail plugin <= 1.5.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities | Constant Contact | Creative Mail (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:03:35 | Deep Dive |
| CVE-2022-44583 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Download vulnerability | WhatArmy | WatchTowerHQ (WordPress plugin) | High | 7.5 | 2022-11-18 22:02:16 | Deep Dive |
| CVE-2022-44584 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Deletion vulnerability | WhatArmy | WatchTowerHQ (WordPress plugin) | Critical | 9.1 | 2022-11-18 22:01:02 | Deep Dive |
| CVE-2022-45082 | WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities | Biplob Adhikari | Accordions – Multiple Accordions or FAQs Builder (WordPress plugin) | Low | 3.4 | 2022-11-18 21:59:38 | Deep Dive |
| CVE-2022-44634 | WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability | VillaTheme | S2W – Import Shopify to WooCommerce (WordPress plugin) | Medium | 4.9 | 2022-11-18 21:58:17 | Deep Dive |
| CVE-2022-45369 | WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability | RichPlugins | Plugin for Google Reviews (WordPress plugin) | Medium | 4.3 | 2022-11-18 21:51:17 | Deep Dive |
| CVE-2022-41839 | WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability | WPBrigade | LoginPress | Custom Login Page Customizer (WordPress plugin) | Medium | 5.3 | 2022-11-18 21:47:53 | Deep Dive |
| CVE-2022-42883 | WordPress Quiz And Survey Master plugin <= 7.3.10 - Sensitive Information Disclosure vulnerability | ExpressTech | Quiz And Survey Master (WordPress plugin) | Medium | 5.3 | 2022-11-18 21:46:43 | Deep Dive |
| CVE-2022-40698 | WordPress Quiz And Survey Master plugin <= 7.3.10 - Cross-Site Scripting (XSS) vulnerability | ExpressTech | Quiz And Survey Master (WordPress plugin) | Medium | 5.4 | 2022-11-18 21:45:19 | Deep Dive |