5 Anker Connect < 1.2.7 – Reflected Cross-Site Scripting | CVE 2022-30545

Affects Plugins

5-anker-connect

Fixed in 1.2.7

References

CVE

CVE-2022-30545

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.1 (medium)

Miscellaneous

Original Researcher

ptsfence

Verified

No

WPVDB ID

ca3e8c84-e840-4d31-a533-f68f23d99c9b

Timeline

Publicly Published

2022-10-12 (about 3 years ago)

Added

2022-11-08 (about 3 years ago)

Last Updated

2022-11-08 (about 3 years ago)

Other

Published

Title

Published

2023-03-02

Title

Easy Testimonial Slider and Form < 1.0.16 - Reflected Cross-Site Scripting

Published

2023-02-02

Title

Show-Hide / Collapse-Expand < 1.3.0 - Contributor+ Stored XSS via Shortcode

Published

2025-03-28

Title

Magic Embeds <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2026-01-06

Title

QR Code for WooCommerce order emails, PDF invoices, packing slips <= 1.9.42 - Authenticated (Contributor+) Cross-Site Scripting via Shortcode Attributes

Published

2025-06-05

Title

Runners Log <= 3.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting