Vulnerabilities > Getastra
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-18 | CVE-2024-6641 | Incorrect Comparison vulnerability in Getastra WP Hardening The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 1.2.6. | 5.3 |
2021-06-21 | CVE-2021-24372 | Cross-site Scripting vulnerability in Getastra WP Hardening The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue. | 6.1 |
2021-06-21 | CVE-2021-24373 | Unspecified vulnerability in Getastra WP Hardening The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue. | 6.1 |