cleantalk
Vulnerabilities and Security Researches

Fast Flow, CVE-2022-2775

CVE, Research URL

CVE-2022-2775

Home page URL

Security reports for Fast Flow

Application

Fast Flow

Published on
Sep 05, 2022
Research Description
The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
max 1.2.13.
Status
vulnerable
Previous vulnerability researches
Fast Flow (CVE-2025-26868) , Feb 26, 2025
Fast Flow (CVE-2022-2775) , Jun 07, 2024
Fast Flow (CVE-2022-1269) , Jun 07, 2024
Fast Flow (9ce0b3bcd6337203a7615f024751226aa761fa98) , Jun 16, 2026
Fast Flow (ca9267d0-9dea-4cd1-9795-06922286497d) , Jun 16, 2026
New vulnerability
Upcasted S3 Offload – AWS S3, Digital Ocean Spaces, Backblaze, Minio and more (30be2235708b1e3699af48260235ba12008c971e) , Jun 16, 2026
SS Downloads (6def7429-cfd3-442c-927c-accc1715f889) , Jun 16, 2026
SS Downloads (2d60485b-d7a3-425a-8b3c-918e1d9fb337) , Jun 16, 2026
SS Downloads (00d99cc7-9ea4-4b6c-b330-f616d0738930) , Jun 16, 2026
SS Downloads (7eb88106-453f-48a7-8490-2e88fa01ad34) , Jun 16, 2026