Vulnerabilities > Kaswara Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-16 | CVE-2021-4448 | Missing Authorization vulnerability in Kaswara Project Kaswara 3.0.1 The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.0.1 due to insufficient capability checking on various AJAX actions. | 9.8 |
2021-05-14 | CVE-2021-24284 | Unspecified vulnerability in Kaswara Project Kaswara 3.0.1 The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. | 9.8 |