CVE-2025-24570
- EPSS 0.09%
- Veröffentlicht 24.01.2025 18:15:34
- Zuletzt bearbeitet 24.01.2025 18:15:34
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atarim Atarim allows Stored XSS. This issue affects Atarim: from n/a through 4.0.8.
CVE-2024-12104
- EPSS 0.42%
- Veröffentlicht 21.01.2025 10:15:07
- Zuletzt bearbeitet 17.02.2026 19:24:46
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wpf_delete_file functions in all versions up to, and...
CVE-2024-43290
- EPSS 0.18%
- Veröffentlicht 01.11.2024 15:15:45
- Zuletzt bearbeitet 01.11.2024 20:24:53
Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1.
CVE-2024-38771
- EPSS 0.13%
- Veröffentlicht 01.11.2024 15:15:34
- Zuletzt bearbeitet 01.11.2024 20:24:53
Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.
CVE-2024-37434
- EPSS 0.11%
- Veröffentlicht 22.07.2024 09:15:10
- Zuletzt bearbeitet 21.11.2024 09:23:50
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atarim allows Stored XSS.This issue affects Atarim: from n/a through 3.31.
CVE-2023-47544
- EPSS 0.19%
- Veröffentlicht 14.11.2023 21:15:11
- Zuletzt bearbeitet 18.02.2026 14:45:26
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions.
CVE-2023-37393
- EPSS 0.06%
- Veröffentlicht 04.09.2023 11:15:40
- Zuletzt bearbeitet 21.11.2024 08:11:38
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.