Vulnerabilities > Cerber

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-20	CVE-2022-4712	Cross-site Scripting vulnerability in Cerber WP Cerber Security, Anti-Spam & Malware Scan The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. network low complexity cerber CWE-79	6.1
2023-01-02	CVE-2022-4417	Unspecified vulnerability in Cerber WP Cerber Security, Anti-Spam & Malware Scan The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users network low complexity cerber	5.3
2022-09-06	CVE-2022-2939	Information Exposure vulnerability in Cerber WP Cerber Security, Anti-Spam & Malware Scan The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. network low complexity cerber CWE-200	5.3
2022-03-07	CVE-2022-0429	Cross-site Scripting vulnerability in Cerber WP Cerber Security, Anti-Spam & Malware Scan The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability. network low complexity cerber CWE-79	6.1

Vulnerabilities > Cerber {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cerber"}]}