Vulnerabilities > Meowapps
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-04 | CVE-2021-24465 | SQL Injection vulnerability in Meowapps Meow Gallery The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue. | 8.1 |
2021-08-16 | CVE-2021-34652 | Cross-site Scripting vulnerability in Meowapps Media Usage The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the ~/mmu_admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4. | 6.1 |
2019-08-22 | CVE-2018-20983 | Cross-site Scripting vulnerability in Meowapps WP Retina 2X The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. | 6.1 |
2018-02-01 | CVE-2018-0511 | Cross-site Scripting vulnerability in Meowapps WP Retina 2X Cross-site scripting vulnerability in WP Retina 2x prior to version 5.2.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |