Vulnerabilities > Codeermeneer > Companion Auto Update

DATE CVE VULNERABILITY TITLE RISK
2019-08-16 CVE-2018-20973 Improper Input Validation vulnerability in Codeermeneer Companion Auto Update
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.
network
low complexity
codeermeneer CWE-20
critical
 9.8
9.8
2019-08-16 CVE-2018-20972 Cross-Site Request Forgery (CSRF) vulnerability in Codeermeneer Companion Auto Update
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
network
low complexity
codeermeneer CWE-352
8.8
8.8