cleantalk
Vulnerabilities and Security Researches

Quotes llama, CVE-2022-1566

CVE, Research URL

CVE-2022-1566

Home page URL

Security reports for Quotes llama

Application

Quotes llama

Published on
May 30, 2022
Research Description
The Quotes llama WordPress plugin before 1.0.0 does not sanitise and escape Quotes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. The attack could also be performed by tricking an admin to import a malicious CSV file
Affected versions
Min -, max 1.0.0.
Status
vulnerable
Previous vulnerability researches
Quotes llama (CVE-2025-27307) , Feb 26, 2025
Quotes llama (CVE-2024-10874) , Nov 25, 2024
Quotes llama (CVE-2022-1566) , Jun 07, 2024
Quotes llama (CVE-2025-30786) , Apr 03, 2025
New vulnerability
Woo Product Feed For Marketing Channels (CVE-2025-31377) , Apr 10, 2025
Easy custom css by webriti (CVE-2025-31395) , Apr 10, 2025
Checkout Mestres WP (CVE-2025-32695) , Apr 10, 2025
Request Call Back (CVE-2025-32483) , Apr 10, 2025
QR Master (CVE-2025-32116) , Apr 10, 2025