Rockcontent Rock Convert — known CVE vulnerabilities
Every CVE whose affected-product data names Rockcontent Rock Convert, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-3440 — CVSS 6.1 (medium): The Rock Convert WordPress plugin before 2.11.0 does not sanitise and escape an URL before outputting it back in an attribute when a…
CVE-2022-3441 — CVSS 4.8 (medium): The Rock Convert WordPress plugin before 2.11.0 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2022-36428 — CVSS 4.8 (medium): Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Stage Rock Convert plugin <= 2.11.0 on WordPress.