Vulnerabilities > Wpchill > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-14 | CVE-2021-25050 | Cross-site Scripting vulnerability in Wpchill Remove Footer Credit The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed. | 3.5 |
| 2022-01-14 | CVE-2021-36920 | Cross-site Scripting vulnerability in Wpchill Download Monitor Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress plugin Download Monitor (versions <= 4.4.6). | 3.5 |
| 2021-11-29 | CVE-2021-24908 | Cross-site Scripting vulnerability in Wpchill Check & LOG Email The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | 2.6 |