Vulnerabilities > Wickedplugins > Wicked Folders > 2.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-08 | CVE-2023-0725 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0726 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-08 | CVE-2023-0718 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0712 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_move_object function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0719 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_sort_order function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0723 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0727 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0730 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0713 | Missing Authorization vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_add_folder function in versions up to, and including, 2.18.16. | 4.3 |
| 2023-02-07 | CVE-2023-0728 | Unspecified vulnerability in Wickedplugins Wicked Folders The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. | 4.3 |