Vulnerabilities > Automattic > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-17 | CVE-2022-45069 | Unspecified vulnerability in Automattic Crowdsignal Dashboard Auth. | 8.8 |
2021-04-05 | CVE-2021-24209 | Code Injection vulnerability in Automattic WP Super Cache The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. | 7.2 |
2020-02-12 | CVE-2013-2010 | Injection vulnerability in multiple products WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | 7.5 |
2017-11-29 | CVE-2017-17058 | Path Traversal vulnerability in Automattic Woocommerce The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. | 7.5 |
2011-12-02 | CVE-2011-4673 | SQL Injection vulnerability in Automattic Jetpack SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |