Vulnerabilities > Fullworks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2021-24767 | Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Redirect 404 Error Page to Homepage or Custom Page With Logs The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack | 4.3 |
| 2019-08-21 | CVE-2017-18536 | Cross-site Scripting vulnerability in Fullworks Stop User Enumeration 1.3.5/1.3.6/1.3.7 The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS. | 4.3 |
| 2017-11-17 | CVE-2017-1000226 | Information Exposure vulnerability in Fullworks Stop User Enumeration 1.3.8 Stop User Enumeration 1.3.8 allows user enumeration via the REST API | 5.0 |