High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-04	CVE-2024-51672	SQL Injection vulnerability in Wpdeveloper Betterlinks Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection.This issue affects BetterLinks: from n/a through 2.1.7. network low complexity wpdeveloper CWE-89	7.2
2024-08-13	CVE-2024-43129	Path Traversal vulnerability in Wpdeveloper Betterdocs Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8. network low complexity wpdeveloper CWE-22	8.8
2024-06-21	CVE-2023-51375	Unspecified vulnerability in Wpdeveloper Embedpress Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3. network low complexity wpdeveloper	8.8
2024-06-09	CVE-2024-30467	Unspecified vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9. network low complexity wpdeveloper	8.8
2023-11-18	CVE-2023-32245	Unspecified vulnerability in Wpdeveloper Essential Addons for Elementor Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8. network low complexity wpdeveloper	8.8
2023-10-20	CVE-2023-4386	Deserialization of Untrusted Data vulnerability in Wpdeveloper Essential Blocks The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_posts function. network high complexity wpdeveloper CWE-502	8.1
2023-06-27	CVE-2023-3371	Unspecified vulnerability in Wpdeveloper Embedpress The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. network low complexity wpdeveloper	7.5
2023-06-06	CVE-2023-2833	Improper Privilege Management vulnerability in Wpdeveloper Reviewx The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. network low complexity wpdeveloper CWE-269	8.8
2023-02-23	CVE-2023-26325	SQL Injection vulnerability in Wpdeveloper Reviewx The 'rx_export_review' action in the ReviewX WordPress Plugin, is affected by an authenticated SQL injection vulnerability in the 'filterValue' and 'selectedColumns' parameters. network low complexity wpdeveloper CWE-89	8.8
2021-06-14	CVE-2021-24352	Unspecified vulnerability in Wpdeveloper Simple 301 Redirects The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects. network low complexity wpdeveloper	8.8