Vulnerabilities > Acurax

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-10	CVE-2024-35749	Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode 2.6 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6. network low complexity acurax CWE-290	5.3
2023-11-16	CVE-2023-39926	Cross-site Scripting vulnerability in Acurax Under Construction / Maintenance Mode 2.6 Unauth. network low complexity acurax CWE-79	6.1
2021-11-26	CVE-2021-36843	Cross-site Scripting vulnerability in Acurax Floating Social Media Icon Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating Social Media Icon plugin (versions <= 4.3.5) Social Media Configuration form. network low complexity acurax CWE-79	4.8
2018-01-27	CVE-2018-6357	Cross-site Scripting vulnerability in Acurax Social Media Widget The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS. network low complexity acurax CWE-79	8.8

Vulnerabilities > Acurax {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Acurax"}]}