Question 1

What is CVE-2022-4058 — CVE-2022-4058?

Accepted Answer

The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.

Question 2

What is the authoritative source for CVE-2022-4058?

Accepted Answer

CVE-2022-4058 (CVE-2022-4058) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	5.4 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS	0.24% probability of exploitation · percentile 15.3% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-4058CVE-2022-4058

Description

Scoring