Vulnerabilities > Wickedplugins > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-09 | CVE-2023-0729 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0684 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_unassign_folders function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0685 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0711 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_state function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0715 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0716 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_edit_folder function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0717 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0720 | Missing Authorization vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0722 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0724 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |