Vulnerabilities > Hermit Project > Hermit > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-28 | CVE-2022-29412 | Unspecified vulnerability in Hermit Project Hermit 3.1.6 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. | 5.4 |
| 2022-04-28 | CVE-2022-29413 | Unspecified vulnerability in Hermit Project Hermit 3.1.6 Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. | 6.1 |