Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
24021.4%MEDIUM

Related CVEs

4
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-7692The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.MEDIUM6.124.5%Sep 2, 2024
CVE-2024-7691The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators.MEDIUM6.127.3%Sep 2, 2024
CVE-2024-3966The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP AdminMEDIUM6.124.0%Jun 14, 2024
CVE-2024-3965The Pray For Me WordPress plugin through 1.0.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attackMEDIUM5.49.8%Jun 14, 2024