Vulnerabilities > Meowapps

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-24465 SQL Injection vulnerability in Meowapps Meow Gallery
The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue.
network
low complexity
meowapps CWE-89
8.1
2021-08-16 CVE-2021-34652 Cross-site Scripting vulnerability in Meowapps Media Usage
The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the ~/mmu_admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4.
network
low complexity
meowapps CWE-79
6.1
2019-08-22 CVE-2018-20983 Cross-site Scripting vulnerability in Meowapps WP Retina 2X
The wp-retina-2x plugin before 5.2.3 for WordPress has XSS.
network
low complexity
meowapps CWE-79
6.1
2018-02-01 CVE-2018-0511 Cross-site Scripting vulnerability in Meowapps WP Retina 2X
Cross-site scripting vulnerability in WP Retina 2x prior to version 5.2.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
meowapps CWE-79
6.1