Vulnerabilities > WP BUY > WP Content Copy Protection NO Right Click

DATE CVE VULNERABILITY TITLE RISK
2024-10-20 CVE-2024-49306 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Buy WP Content Copy Protection & NO Right Click
Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9.
network
low complexity
wp-buy CWE-352
8.8
8.8
2023-08-05 CVE-2023-36678 Cross-site Scripting vulnerability in Wp-Buy WP Content Copy Protection & NO Right Click
Auth.
network
low complexity
wp-buy CWE-79
4.8
4.8
2022-02-21 CVE-2022-23983 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Buy WP Content Copy Protection & NO Right Click
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
network
wp-buy CWE-352
6.8
6.8
2021-05-14 CVE-2021-24188 Unspecified vulnerability in Wp-Buy WP Content Copy Protection & NO Right Click
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.
network
low complexity
wp-buy
6.5
6.5