Vulnerabilities > WP Master

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-17	CVE-2024-5170	Cross-site Scripting vulnerability in Wp-Master Logo Manager for Enamad The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) network low complexity wp-master CWE-79	4.8
2023-03-20	CVE-2023-25795	Unspecified vulnerability in Wp-Master Feed Changer & Remover 0.1/0.2 Auth. network low complexity wp-master	4.8
2023-01-23	CVE-2022-4307	Unspecified vulnerability in Wp-Master Pardakht-Delkhah The ?????? ?????? ?????? WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. network low complexity wp-master	6.1

Vulnerabilities > WP Master {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WP Master"}]}