Vulnerabilities > Awplife > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-21 | CVE-2024-5059 | Unspecified vulnerability in Awplife Event Monster Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through 1.4.0. | 7.5 |
| 2024-06-10 | CVE-2024-35717 | Missing Authorization vulnerability in Awplife Media Slider Missing Authorization vulnerability in A WP Life Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow.This issue affects Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow: from n/a through 1.3.9. | 8.8 |
| 2024-06-10 | CVE-2024-35720 | Missing Authorization vulnerability in Awplife Album Gallery Missing Authorization vulnerability in A WP Life Album Gallery – WordPress Gallery.This issue affects Album Gallery – WordPress Gallery: from n/a through 1.5.7. | 8.8 |
| 2024-06-10 | CVE-2024-35721 | Missing Authorization vulnerability in Awplife Image Gallery Missing Authorization vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through 1.4.5. | 8.8 |
| 2024-06-10 | CVE-2024-35722 | Missing Authorization vulnerability in Awplife Slider Responsive Slideshow Missing Authorization vulnerability in A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow.This issue affects Slider Responsive Slideshow – Image slider, Gallery slideshow: from n/a through 1.4.0. | 8.8 |
| 2023-07-17 | CVE-2023-23646 | Cross-Site Request Forgery (CSRF) vulnerability in Awplife Album Gallery Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions. | 8.8 |
| 2022-11-21 | CVE-2022-3720 | Unspecified vulnerability in Awplife Event Monster The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users | 7.2 |
| 2019-10-10 | CVE-2019-17072 | SQL Injection vulnerability in Awplife Contact Form Widget 1.0.9 The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php. | 7.5 |