Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2024-6698
- EPSS 0.31%
- Published 01.08.2024 04:15:04
- Last modified 23.11.2024 00:44:15
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible fo...
9.8
CVE-2022-0788
- EPSS 45.29%
- Published 08.06.2022 10:15:09
- Last modified 05.12.2024 17:12:01
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated use...
1