Filtered by vendor Sigmaplugin
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2181 | 1 Sigmaplugin | 1 Advanced Wordpress Reset | 2022-08-05 | N/A | 6.1 MEDIUM |
| The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting | |||||
| CVE-2022-2173 | 1 Sigmaplugin | 1 Advanced Database Cleaner | 2022-07-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting | |||||
| CVE-2021-24921 | 1 Sigmaplugin | 1 Advanced Database Cleaner | 2022-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | |||||
| CVE-2021-24141 | 1 Sigmaplugin | 1 Advanced Database Cleaner | 2021-03-22 | 6.5 MEDIUM | 7.2 HIGH |
| Unvaludated input in the Advanced Database Cleaner plugin, versions before 3.0.2, lead to SQL injection allowing high privilege users (admin+) to perform SQL attacks. | |||||