Vulnerabilities > Superwhite

DATE CVE VULNERABILITY TITLE RISK
2023-11-04 CVE-2023-40215 SQL Injection vulnerability in Superwhite Demon Image Annotation
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Demonisblack demon image annotation allows SQL Injection.This issue affects demon image annotation: from n/a through 5.1.
network
low complexity
superwhite CWE-89
7.2
2022-12-13 CVE-2022-4171 Unspecified vulnerability in Superwhite Demon Image Annotation
The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including 5.0.
network
low complexity
superwhite
7.5
2022-10-28 CVE-2022-2864 Unspecified vulnerability in Superwhite Demon Image Annotation
The demon image annotation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.7.
network
low complexity
superwhite
8.8