Vulnerabilities > Getigniteup
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-09 | CVE-2022-0898 | Unspecified vulnerability in Getigniteup Igniteup The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues | 5.4 |
2019-11-12 | CVE-2019-17237 | Cross-Site Request Forgery (CSRF) vulnerability in Getigniteup Igniteup includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF. | 8.8 |
2019-11-12 | CVE-2019-17236 | Cross-site Scripting vulnerability in Getigniteup Igniteup includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS. | 6.1 |
2019-11-12 | CVE-2019-17235 | Missing Authentication for Critical Function vulnerability in Getigniteup Igniteup includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure. | 5.3 |
2019-11-12 | CVE-2019-17234 | Missing Authentication for Critical Function vulnerability in Getigniteup Igniteup includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion. | 7.5 |