Vulnerabilities > Wpcode
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-07 | CVE-2023-3524 | Unspecified vulnerability in Wpcode The WPCode WordPress plugin before 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | 6.1 |
2023-04-24 | CVE-2023-1624 | Unspecified vulnerability in Wpcode The WPCode WordPress plugin before 2.0.9 has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. | 6.5 |
2023-03-06 | CVE-2023-0328 | Unspecified vulnerability in Wpcode The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. | 4.3 |