Vulnerabilities > Instawp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-31 | CVE-2024-23507 | SQL Injection vulnerability in Instawp Connect Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration.This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a through 0.1.0.9. | 8.8 |
2024-01-27 | CVE-2024-23506 | Unspecified vulnerability in Instawp Connect Exposure of Sensitive Information to an Unauthorized Actor vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration.This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a through 0.1.0.9. | 6.5 |
2023-07-27 | CVE-2023-3956 | Unspecified vulnerability in Instawp Connect 0.0.9.18 The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. | 9.8 |
2022-09-06 | CVE-2022-2434 | Deserialization of Untrusted Data vulnerability in Instawp String Locator The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via the 'string-locator-path' parameter in versions up to, and including 2.5.0. | 8.8 |