Vulnerabilities > Themewinter > Wpcafe > 1.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-09 | CVE-2023-47805 | Unspecified vulnerability in Themewinter Wpcafe Missing Authorization vulnerability in Themewinter WPCafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through 2.2.22. | 9.8 |
| 2024-08-13 | CVE-2024-43135 | Path Traversal vulnerability in Themewinter Wpcafe Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28. | 8.8 |
| 2024-07-09 | CVE-2024-37513 | Unspecified vulnerability in Themewinter Wpcafe Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows Path Traversal.This issue affects WPCafe: from n/a through 2.2.27. | 8.8 |
| 2024-05-31 | CVE-2024-5427 | Unspecified vulnerability in Themewinter Wpcafe The WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Reservation Form shortcode in all versions up to, and including, 2.2.24 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |