Vulnerabilities > Androidbubbles

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-47321 Missing Authorization vulnerability in Androidbubbles WP Datepicker
Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1.
network
low complexity
androidbubbles CWE-862
critical
9.8
2024-10-20 CVE-2024-49629 Cross-Site Request Forgery (CSRF) vulnerability in Androidbubbles Endless Posts Navigation
Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7.
network
low complexity
androidbubbles CWE-352
6.1
2022-06-13 CVE-2022-1820 Unspecified vulnerability in Androidbubbles Keep Backup Daily 2.0.2
The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping.
network
low complexity
androidbubbles
6.1
2021-11-08 CVE-2021-24798 Cross-site Scripting vulnerability in Androidbubbles WP Header Images
The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting issue
network
low complexity
androidbubbles CWE-79
6.1