Vulnerabilities > Futuriowp

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-03	CVE-2023-40201	Cross-Site Request Forgery (CSRF) vulnerability in Futuriowp Futurio Extra Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin. network low complexity futuriowp CWE-352	8.8
2022-02-14	CVE-2021-25109	SQL Injection vulnerability in Futuriowp Futurio Extra The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cross-Site Scripting (XSS) against logged in admins by making send open a malicious link. network low complexity futuriowp CWE-89	4.0
2022-02-14	CVE-2021-25110	Information Exposure vulnerability in Futuriowp Futurio Extra The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. network low complexity futuriowp CWE-200	4.0

Vulnerabilities > Futuriowp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Futuriowp"}]}