Vulnerabilities > Softaculous
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-14 | CVE-2024-8669 | SQL Injection vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter passed to the backuply_wp_clone_sql() function in all versions up to, and including, 1.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.2 |
| 2024-08-26 | CVE-2024-43299 | Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Speedycache Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue affects SpeedyCache: from n/a through 1.1.8. | 5.4 |
| 2024-07-25 | CVE-2024-24621 | Incorrect Comparison vulnerability in Softaculous Webuzo Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. | 9.8 |
| 2024-07-25 | CVE-2024-24622 | OS Command Injection vulnerability in Softaculous Webuzo Softaculous Webuzo contains a command injection in the password reset functionality. | 8.8 |
| 2024-07-25 | CVE-2024-24623 | OS Command Injection vulnerability in Softaculous Webuzo Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. | 8.8 |
| 2024-02-09 | CVE-2024-0842 | Excessive Iteration vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. | 7.5 |
| 2024-02-02 | CVE-2024-1189 | Improper Resource Shutdown or Release vulnerability in Softaculous Ampps A vulnerability has been found in AMPPS 2.7 and classified as problematic. | 7.5 |
| 2024-01-27 | CVE-2024-0697 | Path Traversal vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. | 4.9 |
| 2024-01-11 | CVE-2023-6598 | Missing Authorization vulnerability in Softaculous Speedycache The SpeedyCache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the speedycache_save_varniship, speedycache_img_update_settings, speedycache_preloading_add_settings, and speedycache_preloading_delete_resource functions in all versions up to, and including, 1.1.3. | 4.3 |
| 2023-12-07 | CVE-2023-49746 | Server-Side Request Forgery (SSRF) vulnerability in Softaculous Speedycache Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache, Optimization, Performance.This issue affects SpeedyCache – Cache, Optimization, Performance: from n/a through 1.1.2. | 4.3 |