Vulnerabilities > Mooveagency > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-30 | CVE-2023-4013 | Unspecified vulnerability in Mooveagency Gdpr Cookie Compliance The GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks | 6.5 |
| 2023-08-30 | CVE-2023-4150 | Unspecified vulnerability in Mooveagency User Activity Tracking and LOG The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks | 4.3 |
| 2023-06-07 | CVE-2019-25143 | Missing Authorization vulnerability in Mooveagency Gdpr Cookie Compliance The GDPR Cookie Compliance plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the gdpr_cookie_compliance_reset_settings AJAX action in versions up to, and including, 4.0.2. | 4.3 |
| 2021-05-14 | CVE-2021-24286 | Unspecified vulnerability in Mooveagency Redirect 404 to Parent The settings page of the Redirect 404 to parent WordPress plugin before 1.3.1 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue | 6.1 |
| 2021-05-14 | CVE-2021-24287 | Unspecified vulnerability in Mooveagency Select ALL Categories and Taxonomies, Change Checkbox to Radio Buttons The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue | 6.1 |
| 2021-05-06 | CVE-2021-24247 | Unspecified vulnerability in Mooveagency Contact Form Check Tester The Contact Form Check Tester WordPress plugin through 1.0.2 settings are visible to all registered users in the dashboard and are lacking any sanitisation. | 5.4 |