Vulnerabilities > Recall Products Project

DATE CVE VULNERABILITY TITLE RISK
2020-09-14 CVE-2020-25380 Cross-site Scripting vulnerability in Recall-Products Project Recall-Products 0.8
Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the 'Recall Settings' field in admin.php.
network
low complexity
recall-products-project CWE-79
5.4
2020-09-14 CVE-2020-25379 SQL Injection vulnerability in Recall-Products Project Recall-Products 0.8
Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails to sanitize input from the 'Manufacturer[]' parameter which allows an authenticated attacker to inject a malicious SQL query.
network
low complexity
recall-products-project CWE-89
8.8