Vulnerabilities > Benjaminrojas > WP Editor > 1.2.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2021-24151 | SQL Injection vulnerability in Benjaminrojas WP Editor The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields leading to an authenticated (admin+) blind SQL injection issue via an arbitrary parameter when making a request to save the settings. | 7.2 |
2019-08-14 | CVE-2016-10886 | Permissions, Privileges, and Access Controls vulnerability in Benjaminrojas WP Editor The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. | 9.8 |
2019-08-14 | CVE-2016-10885 | Cross-Site Request Forgery (CSRF) vulnerability in Benjaminrojas WP Editor The wp-editor plugin before 1.2.6 for WordPress has CSRF. | 8.8 |