Vulnerabilities > Incsub > Hustle

DATE CVE VULNERABILITY TITLE RISK
2020-03-17 CVE-2018-18576 Path Traversal vulnerability in Incsub Hustle
The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.
network
low complexity
incsub CWE-22
5.0
2019-05-29 CVE-2019-11872 Improper Neutralization of Formula Elements in a CSV File vulnerability in Incsub Hustle
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicious code into a pop-up window.
network
low complexity
incsub CWE-1236
8.8