Vulnerabilities > Bootstrapped > WP Recipe Maker > 9.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-9650 | Unspecified vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up to, and including, 9.6.1 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-02 | CVE-2024-3490 | Cross-site Scripting vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wprm-recipe-roundup-item shortcode in all versions up to, and including, 9.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-09 | CVE-2024-1571 | Cross-site Scripting vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1 due to insufficient input sanitization and output escaping. | 4.8 |