Vulnerabilities > Webcraftic

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-13	CVE-2019-16289	Cross-site Scripting vulnerability in Webcraftic Woody AD Snippets The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter. network low complexity webcraftic CWE-79	5.4
2019-09-03	CVE-2019-15858	Missing Authentication for Critical Function vulnerability in Webcraftic Woody AD Snippets admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. network low complexity webcraftic CWE-306	8.8
2019-08-30	CVE-2019-15818	Open Redirect vulnerability in Webcraftic Simple 301 Redirects The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist. network low complexity webcraftic CWE-601	6.1
2019-08-29	CVE-2019-15776	Open Redirect vulnerability in Webcraftic Simple 301 Redirects-Addon-Bulk Uploader The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file. network low complexity webcraftic CWE-601	6.1
2019-08-08	CVE-2019-14773	Unspecified vulnerability in Webcraftic Woody AD Snippets admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion. network low complexity webcraftic	7.5

Vulnerabilities > Webcraftic {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Webcraftic"}]}

Vulnerabilities > Webcraftic