Vulnerabilities > Pluginus > Wolf Wordpress Posts Bulk Editor AND Products Manager Professional

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-0790 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1.
network
low complexity
pluginus CWE-352
4.3
2024-02-05 CVE-2024-0791 Missing Authorization vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1.
network
low complexity
pluginus CWE-862
4.3
2024-01-31 CVE-2024-22159 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
network
low complexity
pluginus CWE-79
6.1
2023-10-25 CVE-2023-46152 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
network
low complexity
pluginus CWE-352
8.8
2023-10-17 CVE-2023-44990 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Auth.
network
low complexity
pluginus CWE-79
4.8
2023-08-18 CVE-2023-31218 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.
network
low complexity
pluginus CWE-79
6.1