Vulnerabilities > Hermit Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-28	CVE-2022-29410	SQL Injection vulnerability in Hermit Project Hermit 3.1.6 Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). network low complexity hermit-project CWE-89	8.8
2022-04-28	CVE-2022-29411	SQL Injection vulnerability in Hermit Project Hermit 3.1.6 SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). network low complexity hermit-project CWE-89 critical	9.8
2022-04-28	CVE-2022-29412	Cross-Site Request Forgery (CSRF) vulnerability in Hermit Project Hermit 3.1.6 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. network low complexity hermit-project CWE-352	5.4
2022-04-28	CVE-2022-29413	Cross-site Scripting vulnerability in Hermit Project Hermit 3.1.6 Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. network low complexity hermit-project CWE-79	6.1

Vulnerabilities > Hermit Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hermit Project"}]}