Vulnerabilities > Gwolle Guestbook Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-23	CVE-2017-20089	Cross-site Scripting vulnerability in Gwolle Guestbook Project Gwolle Guestbook 1.7.4 A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. network low complexity gwolle-guestbook-project CWE-79	6.1
2021-12-27	CVE-2021-24980	Cross-site Scripting vulnerability in Gwolle Guestbook Project Gwolle Guestbook The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page network low complexity gwolle-guestbook-project CWE-79	6.1
2018-10-02	CVE-2018-17884	Cross-site Scripting vulnerability in Gwolle Guestbook Project Gwolle Guestbook XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php network low complexity gwolle-guestbook-project CWE-79	6.1
2017-09-11	CVE-2015-8351	Code Injection vulnerability in Gwolle Guestbook Project Gwolle Guestbook PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. network high complexity gwolle-guestbook-project CWE-94 critical	9.0

Vulnerabilities > Gwolle Guestbook Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Gwolle Guestbook Project"}]}