Vulnerabilities > Melapress
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-21 | CVE-2022-44587 | Information Exposure Through Log Files vulnerability in Melapress WP 2FA Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3. | 7.5 |
| 2024-06-10 | CVE-2024-35650 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Melapress Login Security Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security allows PHP Remote File Inclusion.This issue affects MelaPress Login Security: from n/a through 1.3.0. | 7.2 |
| 2024-01-11 | CVE-2023-6520 | Cross-Site Request Forgery (CSRF) vulnerability in Melapress WP 2FA The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.0. | 4.3 |