Vulnerabilities > Whmpress
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-02-28 | CVE-2024-9193 | PHP Remote File Inclusion vulnerability in Whmpress Whmcs 6.3 The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. | 9.8 |
2025-02-28 | CVE-2024-9195 | Missing Authorization vulnerability in Whmpress Whmcs Client Area 4.3 The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. | 8.8 |