Vulnerabilities > Getigniteup

DATE CVE VULNERABILITY TITLE RISK
2022-05-09 CVE-2022-0898 Unspecified vulnerability in Getigniteup Igniteup
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues
network
low complexity
getigniteup
5.4
2019-11-12 CVE-2019-17237 Cross-Site Request Forgery (CSRF) vulnerability in Getigniteup Igniteup
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
network
low complexity
getigniteup CWE-352
8.8
2019-11-12 CVE-2019-17236 Cross-site Scripting vulnerability in Getigniteup Igniteup
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.
network
low complexity
getigniteup CWE-79
6.1
2019-11-12 CVE-2019-17235 Missing Authentication for Critical Function vulnerability in Getigniteup Igniteup
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure.
network
low complexity
getigniteup CWE-306
5.3
2019-11-12 CVE-2019-17234 Missing Authentication for Critical Function vulnerability in Getigniteup Igniteup
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.
network
low complexity
getigniteup CWE-306
7.5