Aggregates CVE and security vulnerability intelligence across all webhelpagency-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk cross-site scripting; exposure may include vendor impact session compromise in vendor surface production workloads and vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-45839 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WHA WHA Puzzle plugin <= 1.0.9 versions. | [email protected] | 5.3 | 0.38% | 2023-04-18 | 2026-06-17 |
| CVE-2022-37330 | Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WHA Crossword plugin <= 1.1.10 at WordPress. | [email protected] | 5.4 | 0.42% | 2022-09-23 | 2026-06-17 |
| CVE-2022-36383 | Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Word Search Puzzles game plugin <= 2.0.1 at WordPress. | [email protected] | 5.4 | 0.41% | 2022-09-21 | 2026-06-17 |
| CVE-2022-36365 | Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Crossword plugin <= 1.1.10 at WordPress. | [email protected] | 5.4 | 0.56% | 2022-09-21 | 2026-06-17 |
| CVE-2022-37335 | Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in WHA's Word Search Puzzles game plugin <= 2.0.1 at WordPress. | [email protected] | 4.8 | 0.43% | 2022-09-09 | 2026-06-17 |