Vulnerabilities > Silkypress
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2021-24447 | Path Traversal vulnerability in Silkypress WP Image Zoom The WP Image Zoom WordPress plugin before 1.47 did not validate its tab parameter before using it in the include_once() function, leading to a local file inclusion issue in the admin dashboard | 5.0 |
| 2018-06-26 | CVE-2018-1000510 | Incorrect Permission Assignment for Critical Resource vulnerability in Silkypress Image Zoom 1.23 WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. | 4.0 |
| 2017-08-02 | CVE-2017-2285 | Cross-site Scripting vulnerability in Silkypress Simple Custom CSS and JS Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |