Vulnerabilities > S Sols > Seraphinite Accelerator > 2.15.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-28 | CVE-2024-1568 | Server-Side Request Forgery (SSRF) vulnerability in S-Sols Seraphinite Accelerator The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApi_HtmlCheck function. | 6.4 |
| 2023-12-14 | CVE-2023-49740 | Cross-site Scripting vulnerability in S-Sols Seraphinite Accelerator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.This issue affects Seraphinite Accelerator: from n/a through 2.20.28. | 6.1 |
| 2023-11-27 | CVE-2023-5611 | Missing Authorization vulnerability in S-Sols Seraphinite Accelerator The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them | 5.3 |