CVE-2025-28253
- EPSS 0.03%
- Veröffentlicht 27.03.2025 00:00:00
- Zuletzt bearbeitet 07.04.2025 20:15:20
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2016-15041
- EPSS 8.23%
- Veröffentlicht 16.10.2024 07:15:04
- Zuletzt bearbeitet 23.12.2025 15:47:06
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mwp_setup_purchase_username’ parameter in versions up to, and including, 3.1.2 due to ins...
CVE-2024-1642
- EPSS 0.1%
- Veröffentlicht 13.03.2024 16:15:25
- Zuletzt bearbeitet 03.04.2025 13:11:53
The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'p...
CVE-2023-38519
- EPSS 0.14%
- Veröffentlicht 20.12.2023 14:15:19
- Zuletzt bearbeitet 21.11.2024 08:13:44
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple W...