Vulnerabilities > CM WP > Woody Code Snippets > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-08 | CVE-2024-35751 | Unspecified vulnerability in Cm-Wp Woody Code Snippets Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through 2.4.10. | 4.8 |
| 2023-10-20 | CVE-2020-36759 | Cross-Site Request Forgery (CSRF) vulnerability in Cm-Wp Woody Code Snippets The Woody code snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.9. | 4.3 |