Vulnerabilities > Boxystudio > Cooked > 1.7.15.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-05 | CVE-2024-41816 | Cross-site Scripting vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 5.4 |
| 2024-07-18 | CVE-2024-39678 | Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 8.8 |
| 2024-07-18 | CVE-2024-39679 | Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 8.8 |
| 2024-07-18 | CVE-2024-39680 | Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 8.8 |
| 2024-07-18 | CVE-2024-39681 | Cross-Site Request Forgery (CSRF) vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 8.8 |
| 2024-07-18 | CVE-2024-39682 | Cross-site Scripting vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 5.4 |
| 2024-06-13 | CVE-2024-37308 | Cross-site Scripting vulnerability in Boxystudio Cooked The Cooked Pro recipe plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the `_recipe_settings[post_title]` parameter in versions up to, and including, 1.7.15.4 due to insufficient input sanitization and output escaping. | 5.4 |