Vulnerabilities > Wpchill

DATE CVE VULNERABILITY TITLE RISK
2024-10-16 CVE-2022-4972 Missing Authorization vulnerability in Wpchill Download Monitor
The Download Monitor plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST-API routes related to reporting in versions up to, and including, 4.7.51.
network
low complexity
wpchill CWE-862
7.5
2024-09-26 CVE-2024-8552 Missing Authorization vulnerability in Wpchill Download Monitor
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the enable_shop() function in all versions up to, and including, 5.0.9.
network
low complexity
wpchill CWE-862
4.3
2024-07-24 CVE-2024-6571 Unspecified vulnerability in Wpchill Optimize Images ALT Text (Alt Tag) & Names for SEO Using AI
The Optimize Images ALT Text (alt tag) & names for SEO using AI plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.1.1.
network
low complexity
wpchill
5.3
2024-06-07 CVE-2023-6491 Missing Authorization vulnerability in Wpchill Strong Testimonials
The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12.
network
low complexity
wpchill CWE-862
4.3
2024-01-08 CVE-2022-45354 Unspecified vulnerability in Wpchill Download Monitor
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60.
network
low complexity
wpchill
7.5
2024-01-05 CVE-2023-52123 Cross-Site Request Forgery (CSRF) vulnerability in Wpchill Strong Testimonials
Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Testimonials.This issue affects Strong Testimonials: from n/a through 3.1.10.
network
low complexity
wpchill CWE-352
8.8
2023-12-20 CVE-2023-34007 Unrestricted Upload of File with Dangerous Type vulnerability in Wpchill Download Monitor
Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3.
network
low complexity
wpchill CWE-434
8.8
2023-11-22 CVE-2023-5704 Cross-site Scripting vulnerability in Wpchill CPO Shortcodes
The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpchill CWE-79
5.4
2023-11-13 CVE-2023-31219 Server-Side Request Forgery (SSRF) vulnerability in Wpchill Download Monitor
Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.1.
network
low complexity
wpchill CWE-918
4.9
2023-06-22 CVE-2023-28171 Cross-site Scripting vulnerability in Wpchill Brilliance
Auth.
network
low complexity
wpchill CWE-79
5.4