Vulnerabilities > WP Custom Cursors Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-19	CVE-2023-2221	Unspecified vulnerability in WP Custom Cursors Project WP Custom Cursors The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin. network low complexity wp-custom-cursors-project	7.2
2022-10-17	CVE-2022-3149	Unspecified vulnerability in WP Custom Cursors Project WP Custom Cursors The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors, which could allow attackers to made a logged in admin perform such actions via CSRF attacks. network low complexity wp-custom-cursors-project	6.1
2022-10-17	CVE-2022-3150	Unspecified vulnerability in WP Custom Cursors Project WP Custom Cursors The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin network low complexity wp-custom-cursors-project	7.2
2022-10-17	CVE-2022-3151	Unspecified vulnerability in WP Custom Cursors Project WP Custom Cursors The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when deleting cursors, which could allow attackers to made a logged in admin delete arbitrary cursors via a CSRF attack. network low complexity wp-custom-cursors-project	4.3

Vulnerabilities > WP Custom Cursors Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WP Custom Cursors Project"}]}