Vulnerabilities > Getastra

DATE CVE VULNERABILITY TITLE RISK
2024-09-18 CVE-2024-6641 Incorrect Comparison vulnerability in Getastra WP Hardening
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 1.2.6.
network
low complexity
getastra CWE-697
5.3
2021-06-21 CVE-2021-24372 Cross-site Scripting vulnerability in Getastra WP Hardening
The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue.
network
low complexity
getastra CWE-79
6.1
2021-06-21 CVE-2021-24373 Unspecified vulnerability in Getastra WP Hardening
The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue.
network
low complexity
getastra
6.1