Vulnerabilities > Wickedplugins > Wicked Folders > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-0729 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0684 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_unassign_folders function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0685 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0711 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_state function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0715 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0716 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_edit_folder function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0717 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0720 Missing Authorization vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins CWE-862
4.3
2023-02-08 CVE-2023-0722 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3
2023-02-08 CVE-2023-0724 Unspecified vulnerability in Wickedplugins Wicked Folders
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16.
network
low complexity
wickedplugins
4.3