Vulnerabilities > Benjaminrojas > WP Editor > 1.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2022-2446 | Deserialization of Untrusted Data vulnerability in Benjaminrojas WP Editor The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions up to, and including 1.2.9. | 7.2 |
| 2024-03-17 | CVE-2024-25591 | Unspecified vulnerability in Benjaminrojas WP Editor Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7. | 7.5 |