CVE-2024-56288
- EPSS 0.05%
- Veröffentlicht 07.01.2025 11:15:11
- Zuletzt bearbeitet 25.02.2025 22:50:07
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1.
CVE-2024-12635
- EPSS 0.22%
- Veröffentlicht 21.12.2024 07:15:09
- Zuletzt bearbeitet 24.02.2025 19:15:05
The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id' parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the ex...
CVE-2023-30873
- EPSS 0.31%
- Veröffentlicht 09.12.2024 13:15:28
- Zuletzt bearbeitet 27.02.2025 20:54:25
Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.
CVE-2024-35696
- EPSS 0.16%
- Veröffentlicht 08.06.2024 15:15:52
- Zuletzt bearbeitet 02.12.2024 14:28:17
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through 2.1.3.