Vulnerabilities > Fullworks

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-24767 Unspecified vulnerability in Fullworks Redirect 404 Error Page to Homepage or Custom Page With Logs
The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack
network
low complexity
fullworks
6.5
2019-08-21 CVE-2017-18536 Cross-site Scripting vulnerability in Fullworks Stop User Enumeration 1.3.5/1.3.6/1.3.7
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
network
low complexity
fullworks CWE-79
6.1
2017-11-17 CVE-2017-1000226 Information Exposure vulnerability in Fullworks Stop User Enumeration 1.3.8
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
network
low complexity
fullworks CWE-200
5.3