Vulnerabilities > Recall Products Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-14 | CVE-2020-25380 | Cross-site Scripting vulnerability in Recall-Products Project Recall-Products 0.8 Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the 'Recall Settings' field in admin.php. | 5.4 |
2020-09-14 | CVE-2020-25379 | SQL Injection vulnerability in Recall-Products Project Recall-Products 0.8 Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails to sanitize input from the 'Manufacturer[]' parameter which allows an authenticated attacker to inject a malicious SQL query. | 8.8 |