Vulnerabilities > Plechevandrey

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-08	CVE-2025-1322	Information Exposure vulnerability in Plechevandrey Wp-Recall The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the 'feed' shortcode due to insufficient restrictions on which posts can be included. network low complexity plechevandrey CWE-200	4.3
2025-03-08	CVE-2025-1323	SQL Injection vulnerability in Plechevandrey Wp-Recall The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the 'databeat' parameter in all versions up to, and including, 16.26.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity plechevandrey CWE-89 critical	9.8
2024-09-06	CVE-2024-8292	Authorization Bypass Through User-Controlled Key vulnerability in Plechevandrey Wp-Recall The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. network low complexity plechevandrey CWE-639 critical	9.8
2024-06-06	CVE-2024-1175	Missing Authorization vulnerability in Plechevandrey Wp-Recall The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_payment' function in all versions up to, and including, 16.26.6. network low complexity plechevandrey CWE-862	5.3

Vulnerabilities > Plechevandrey {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Plechevandrey"}]}

Vulnerabilities > Plechevandrey