Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2022-2834
- EPSS 0.52%
- Veröffentlicht 17.10.2022 12:15:09
- Zuletzt bearbeitet 13.05.2025 20:15:22
The Helpful WordPress plugin before 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow attackers to download them and retrieve sensitive information such as IP, Names and Email Address...
4.8
CVE-2021-24841
- EPSS 0.34%
- Veröffentlicht 17.11.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:53:52
The Helpful WordPress plugin before 4.4.59 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
1