Vulnerabilities > Wpengine > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2023-6933 | Deserialization of Untrusted Data vulnerability in Wpengine Better Search Replace The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. | 9.8 |
| 2019-06-10 | CVE-2019-9880 | Missing Authentication for Critical Function vulnerability in Wpengine Wpgraphql 0.2.3 An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. | 9.1 |
| 2019-06-10 | CVE-2019-9879 | Missing Authentication for Critical Function vulnerability in Wpengine Wpgraphql 0.2.3 The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. | 9.8 |