cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-3420,https://securityvulnerability.io/vulnerability/CVE-2022-3420,Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS,"The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks.",Wordpress,Official Integration For Billingo,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-10-31T00:00:00.000Z,0
CVE-2022-3154,https://securityvulnerability.io/vulnerability/CVE-2022-3154,Multiple Plugins from Viszt Peter - Multiple CSRF,"The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin's license",Wordpress,"Woo Billingo Plus,Integration For Billingo & Gravity Forms,Integration For Szamlazz.hu & Gravity Forms",7.1,HIGH,0.0006900000153109431,false,,false,false,false,,false,false,2022-10-10T00:00:00.000Z,0