Vulnerabilities > Wpmet

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-08	CVE-2022-0788	Unspecified vulnerability in Wpmet Fundengine The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users network low complexity wpmet critical	9.8
2022-05-10	CVE-2022-1442	Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. network low complexity wpmet CWE-862	7.5
2021-05-05	CVE-2021-24258	Unspecified vulnerability in Wpmet Elements KIT Elementor Addons The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. network low complexity wpmet	5.4

Vulnerabilities > Wpmet {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpmet"}]}