Vulnerabilities > Feataholic

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-23	CVE-2021-24668	Unspecified vulnerability in Feataholic MAZ Loader The MAZ Loader WordPress plugin before 1.4.1 does not enforce nonce checks, which allows attackers to make administrators delete arbitrary loaders via a CSRF attack network low complexity feataholic	4.3
2021-11-08	CVE-2021-24669	Unspecified vulnerability in Feataholic MAZ Loader The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection. network low complexity feataholic	8.8

Vulnerabilities > Feataholic {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Feataholic"}]}