Vulnerabilities > Whmpress

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-28	CVE-2024-9193	PHP Remote File Inclusion vulnerability in Whmpress Whmcs 6.3 The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. network low complexity whmpress CWE-98 critical	9.8
2025-02-28	CVE-2024-9195	Missing Authorization vulnerability in Whmpress Whmcs Client Area 4.3 The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. network low complexity whmpress CWE-862	8.8

Vulnerabilities > Whmpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Whmpress"}]}