CVE-2023-52176
- EPSS 0.14%
- Veröffentlicht 04.06.2024 13:15:50
- Zuletzt bearbeitet 21.11.2024 08:39:19
Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1.
CVE-2024-2172
- EPSS 1.02%
- Veröffentlicht 13.03.2024 16:15:32
- Zuletzt bearbeitet 21.11.2024 09:09:10
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 ...
CVE-2024-25902
- EPSS 0.41%
- Veröffentlicht 28.02.2024 13:15:08
- Zuletzt bearbeitet 04.03.2025 12:24:19
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2.
CVE-2022-1995
- EPSS 0.29%
- Veröffentlicht 27.06.2022 09:15:10
- Zuletzt bearbeitet 21.11.2024 06:41:54
The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_h...