Vulnerabilities > Kraftplugins
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-01 | CVE-2024-47311 | Missing Authorization vulnerability in Kraftplugins Wheel of Life Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8. | 9.8 |
2024-10-24 | CVE-2024-49693 | Cross-site Scripting vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.6. | 5.4 |
2024-10-02 | CVE-2024-9172 | Cross-site Scripting vulnerability in Kraftplugins Demo Importer Plus The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. | 5.4 |
2024-07-21 | CVE-2024-37466 | Unspecified vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2. | 5.4 |