Vulnerabilities > Acurax

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-16	CVE-2023-39926	Cross-site Scripting vulnerability in Acurax Under Construction / Maintenance Mode 2.6 Unauth. network low complexity acurax CWE-79	6.1
2021-11-26	CVE-2021-36843	Cross-site Scripting vulnerability in Acurax Floating Social Media Icon 4.3.5 Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating Social Media Icon plugin (versions <= 4.3.5) Social Media Configuration form. network acurax CWE-79	3.5
2018-01-27	CVE-2018-6357	Cross-Site Request Forgery (CSRF) vulnerability in Acurax Social Media Widget The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS. network acurax CWE-352	6.8

Vulnerabilities > Acurax {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Acurax"}]}