Vulnerabilities > Webmaster Source > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-24 | CVE-2021-25073 | Unspecified vulnerability in Webmaster-Source Wp125 The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack | 8.8 |
| 2019-09-20 | CVE-2015-9398 | SQL Injection vulnerability in Webmaster-Source Gocodes 1.3.5 The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. | 8.8 |