Vulnerabilities > Wpcode > Wpcode > 2.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2023-3524 | Unspecified vulnerability in Wpcode The WPCode WordPress plugin before 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | 6.1 |
| 2023-04-24 | CVE-2023-1624 | Unspecified vulnerability in Wpcode The WPCode WordPress plugin before 2.0.9 has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. | 6.5 |