Vulnerabilities > Wowonder > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-15 | CVE-2022-42984 | SQL Injection vulnerability in Wowonder 4.1.4 WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients. | 9.8 |
| 2021-06-11 | CVE-2021-27200 | Use of Insufficiently Random Values vulnerability in Wowonder 3.0.4 In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. | 9.8 |