Vulnerabilities > Tainacan > Tainacan > 0.19.2

DATE CVE VULNERABILITY TITLE RISK
2025-01-23 CVE-2024-13236 SQL Injection vulnerability in Tainacan
The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id' parameter in all versions up to, and including, 0.21.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
tainacan CWE-89
6.5
6.5
2024-10-11 CVE-2024-48040 SQL Injection vulnerability in Tainacan
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tainacan.Org Tainacan allows SQL Injection.This issue affects Tainacan: from n/a through 0.21.8.
network
low complexity
tainacan CWE-89
6.5
6.5
2024-07-31 CVE-2024-7135 Missing Authorization vulnerability in Tainacan
The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7.
network
low complexity
tainacan CWE-862
6.5
6.5
2024-06-09 CVE-2024-30529 Unspecified vulnerability in Tainacan
Missing Authorization vulnerability in Tainacan.Org Tainacan.This issue affects Tainacan: from n/a through 0.20.7.
network
low complexity
tainacan
critical
 9.8
9.8
2024-06-03 CVE-2024-34794 Unspecified vulnerability in Tainacan
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Reflected XSS.This issue affects Tainacan: from n/a through 0.21.3.
network
low complexity
tainacan
6.1
6.1
2024-06-03 CVE-2024-34795 Unspecified vulnerability in Tainacan
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Stored XSS.This issue affects Tainacan: from n/a through 0.21.3.
network
low complexity
tainacan
5.4
5.4
2024-02-29 CVE-2024-1435 Unspecified vulnerability in Tainacan
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Tainacan.Org Tainacan.This issue affects Tainacan: from n/a through 0.20.6.
network
low complexity
tainacan
7.5
7.5
2023-11-30 CVE-2023-47848 Unspecified vulnerability in Tainacan
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Reflected XSS.This issue affects Tainacan: from n/a through 0.20.4.
network
low complexity
tainacan
6.1
6.1