Vulnerabilities > Fareharbor

DATE CVE VULNERABILITY TITLE RISK
2023-10-30 CVE-2023-5252 SQL Injection vulnerability in Fareharbor
The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
fareharbor CWE-89
5.4
2023-05-08 CVE-2023-25021 Cross-site Scripting vulnerability in Fareharbor
Auth.
network
low complexity
fareharbor CWE-79
4.8