Vulnerabilities > Pluginus > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2023-4926 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4941 Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-862
4.3
4.3
2023-10-20 CVE-2023-4935 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4937 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4940 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4942 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4943 Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-862
4.3
4.3
2023-10-18 CVE-2023-4938 Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-862
4.3
4.3
2023-10-17 CVE-2023-44990 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Auth.
network
low complexity
pluginus CWE-79
4.8
4.8
2023-08-18 CVE-2023-31218 Unspecified vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.
network
low complexity
pluginus
6.1
6.1