Vulnerabilities > Codemenschen

DATE CVE VULNERABILITY TITLE RISK
2023-03-22 CVE-2023-28662 SQL Injection vulnerability in Codemenschen Gift Vouchers
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.
network
low complexity
codemenschen CWE-89
critical
9.8
2018-08-30 CVE-2018-16159 SQL Injection vulnerability in Codemenschen Gift Vouchers
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.
network
low complexity
codemenschen CWE-89
critical
9.8