Vulnerabilities > Androidbubbles
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-01 | CVE-2024-47321 | Missing Authorization vulnerability in Androidbubbles WP Datepicker Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1. | 9.8 |
2024-10-20 | CVE-2024-49629 | Cross-Site Request Forgery (CSRF) vulnerability in Androidbubbles Endless Posts Navigation Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7. | 6.1 |
2022-06-13 | CVE-2022-1820 | Unspecified vulnerability in Androidbubbles Keep Backup Daily 2.0.2 The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. | 6.1 |
2021-11-08 | CVE-2021-24798 | Cross-site Scripting vulnerability in Androidbubbles WP Header Images The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting issue | 6.1 |