Vulnerabilities > Meowapps > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-43332 | Missing Authorization vulnerability in Meowapps Photo Engine Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0. | 8.8 |
| 2024-02-05 | CVE-2024-0699 | Unrestricted Upload of File with Dangerous Type vulnerability in Meowapps AI Engine The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4. | 7.2 |
| 2024-01-08 | CVE-2023-51508 | Unspecified vulnerability in Meowapps Database Cleaner Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database Cleaner: Clean, Optimize & Repair.This issue affects Database Cleaner: Clean, Optimize & Repair: from n/a through 0.9.8. | 7.5 |
| 2023-12-19 | CVE-2023-44991 | Unspecified vulnerability in Meowapps Media File Renamer - Auto & Manual Rename Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Media File Renamer: Rename Files (Manual, Auto & AI).This issue affects Media File Renamer: Rename Files (Manual, Auto & AI): from n/a through 5.6.9. | 7.5 |
| 2023-12-19 | CVE-2023-44982 | Unspecified vulnerability in Meowapps Perfect Images Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina).This issue affects Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina): from n/a through 6.4.5. | 7.5 |
| 2021-10-04 | CVE-2021-24465 | SQL Injection vulnerability in Meowapps Meow Gallery The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue. | 8.1 |