Vulnerabilities > Convertplug
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2024-13800 | Missing Authorization vulnerability in Convertplug Convertplus The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cp_dismiss_notice' AJAX endpoint in all versions up to, and including, 3.5.30. | 8.1 |
| 2019-09-03 | CVE-2019-15863 | Unspecified vulnerability in Convertplug Convertplus The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants. | 7.5 |