Moderate severityNVD Advisory· Published Sep 21, 2022· Updated Apr 28, 2026
WordPress Awesome Support plugin <= 6.0.7 - Multiple Authenticated Persistent XSS (Additional Interested Parties)
CVE-2022-38073
Description
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
awesome-support/awesome-supportPackagist | < 6.0.8 | 6.0.8 |
Affected products
2- Range: <= 6.0.7
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-qrqm-574x-q7f2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-38073ghsaADVISORY
- github.com/Awesome-Support/Awesome-Support/commit/85f460be88b81fbdd9a990f474a1252297902fafghsaWEB
- github.com/Awesome-Support/Awesome-Support/commit/b2e831d7f831a3869cfd83eb79a398a5b5c0ec63ghsaWEB
- patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-0-7-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilitiesghsax_refsource_CONFIRMWEB
- wordpress.org/plugins/awesome-support/ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.