Kevonadonis

Wp Abstracts

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-48338

  • EPSS 0.08%
  • Veröffentlicht 22.10.2025 14:32:07
  • Zuletzt bearbeitet 20.01.2026 15:16:31

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows PHP Local File Inclusion.This issue affects WP Abstracts: from ...

7.1

CVE-2025-32591

  • EPSS 0.08%
  • Veröffentlicht 09.04.2025 16:09:30
  • Zuletzt bearbeitet 09.04.2025 20:02:41

Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts allows Cross Site Request Forgery. This issue affects WP Abstracts: from n/a through 2.7.4.

5.4

CVE-2024-12386

  • EPSS 0.05%
  • Veröffentlicht 12.02.2025 12:15:28
  • Zuletzt bearbeitet 20.02.2025 16:29:39

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.3. This is due to missing nonce validation on multiple functions. This makes it possible for unauthenticated attackers to dele...

6.1

CVE-2024-12385

  • EPSS 0.21%
  • Veröffentlicht 18.01.2025 07:15:06
  • Zuletzt bearbeitet 25.02.2025 22:01:07

The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2. This is due to missing nonce validation on the wpabstracts_load_status() and wpabstracts_delete_abstracts() functions. This...

4.8

CVE-2024-50411

  • EPSS 0.17%
  • Veröffentlicht 29.10.2024 09:15:08
  • Zuletzt bearbeitet 07.11.2024 21:09:13

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a through 2.7.1.

4.8

CVE-2024-44045

  • EPSS 0.15%
  • Veröffentlicht 06.10.2024 12:15:04
  • Zuletzt bearbeitet 27.02.2025 19:30:33

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a through 2.6.5.

4.8

CVE-2023-28692

Exploit
  • EPSS 0.06%
  • Veröffentlicht 30.08.2023 16:15:09
  • Zuletzt bearbeitet 21.11.2024 07:55:48

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.3 versions.