CVE-2023-6958
- EPSS 0.07%
- Veröffentlicht 18.01.2024 08:15:39
- Zuletzt bearbeitet 21.11.2024 08:44:55
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...
CVE-2023-6970
- EPSS 18.44%
- Veröffentlicht 18.01.2024 08:15:39
- Zuletzt bearbeitet 21.11.2024 08:44:56
The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unaut...
CVE-2022-4468
- EPSS 0.25%
- Veröffentlicht 09.01.2023 23:15:28
- Zuletzt bearbeitet 09.04.2025 19:15:45
The WP Recipe Maker WordPress plugin before 8.6.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting ...