Vulnerabilities > Dev4Press > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-29 CVE-2024-25093 Unspecified vulnerability in Dev4Press GD Rating System
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5.
network
low complexity
dev4press
6.1
2023-09-27 CVE-2023-40330 Unspecified vulnerability in Dev4Press GD Security Headers
Unauth.
network
low complexity
dev4press
6.1
2023-07-12 CVE-2023-3122 Cross-site Scripting vulnerability in Dev4Press GD Mail Queue 3.9.3
The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping.
network
low complexity
dev4press CWE-79
6.1
2022-12-06 CVE-2022-45816 Unspecified vulnerability in Dev4Press GD Bbpress Attachments
Auth.
network
low complexity
dev4press
5.4