Vulnerabilities > WP Plugins

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-4962 Cross-site Scripting vulnerability in Wp-Plugins Video Popup
The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'video_popup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wp-plugins CWE-79
5.4
2023-10-29 CVE-2007-10003 SQL Injection vulnerability in Wp-Plugins the Hackers Diet
A vulnerability, which was classified as critical, has been found in The Hackers Diet Plugin up to 0.9.6b on WordPress.
network
low complexity
wp-plugins CWE-89
8.8
2023-10-29 CVE-2005-10002 Path Traversal vulnerability in Wp-Plugins Secure Files 1.1
A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress.
network
low complexity
wp-plugins CWE-22
critical
9.8
2014-04-10 CVE-2013-2693 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Plugins Wp-Print
Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unspecified vectors.
6.8