Vulnerabilities > Getbutterfly
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-12 | CVE-2024-9776 | Cross-site Scripting vulnerability in Getbutterfly Imagepress The ImagePress – Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-10-12 | CVE-2024-9778 | Cross-Site Request Forgery (CSRF) vulnerability in Getbutterfly Imagepress The ImagePress – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.2. | 4.3 |
| 2024-06-08 | CVE-2024-35705 | Unspecified vulnerability in Getbutterfly Block for Font Awesome Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font Awesome: from n/a through 1.4.4. | 5.4 |
| 2023-12-17 | CVE-2023-49751 | Cross-Site Request Forgery (CSRF) vulnerability in Getbutterfly Block for Font Awesome Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.This issue affects Block for Font Awesome: from n/a through 1.4.0. | 8.8 |
| 2023-10-18 | CVE-2023-45049 | Unspecified vulnerability in Getbutterfly Youtube Playlist Player Auth. | 5.4 |
| 2023-05-28 | CVE-2023-33931 | Unspecified vulnerability in Getbutterfly Youtube Playlist Player Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu YouTube Playlist Player plugin <= 4.6.4 versions. | 8.8 |
| 2020-02-18 | CVE-2013-4454 | Improper Authentication vulnerability in Getbutterfly Portable-PHPmyadmin 1.4.1 WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | 9.1 |