Threat-Lens CVE Hub

Products

1 vendor

Vendor	Products	CVEs	KEV	Avg EPSS	Worst Severity
web-argument	3	3	0	11.2%	HIGH

CVE ID	Description	Severity	CVSS	KEV	EPSS	Published
CVE-2024-8157	The Alphabetical List WordPress plugin through 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	MEDIUM	4.3	—	11.4%	Nov 21, 2024
CVE-2023-38396	Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions.	HIGH	8.8	—	10.9%	Oct 3, 2023
CVE-2023-2899	The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin	MEDIUM	5.4	—	—	Jun 19, 2023