Vulnerabilities > Madewithfuel

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-26	CVE-2023-32964	Cross-Site Request Forgery (CSRF) vulnerability in Madewithfuel Better Notifications for WP Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <= 1.9.2 versions. network low complexity madewithfuel CWE-352	8.8
2022-02-28	CVE-2022-0345	Missing Authorization vulnerability in Madewithfuel Customize Wordpress Emails and Alerts The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF check in its bnfw_search_users AJAX action, allowing any authenticated users to call it and query for user e-mail prefixes (finding the first letter, then the second one, then the third one etc.). network low complexity madewithfuel CWE-862	4.3

Vulnerabilities > Madewithfuel {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Madewithfuel"}]}