Vulnerabilities > Wordpress > Wassup Plugin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-06-15 | CVE-2012-2633 | Cross-Site Scripting vulnerability in Wordpress Wassup Plugin Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | 4.3 |
| 2008-01-31 | CVE-2008-0520 | SQL Injection vulnerability in Wordpress Wassup Plugin 1.4 Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php. | 7.5 |