Vulnerabilities > Wpmudev > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-26 | CVE-2024-10402 | Unspecified vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.35.1. | 8.8 |
| 2024-08-26 | CVE-2024-43117 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Hummingbird Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.9.1. | 8.8 |
| 2024-01-08 | CVE-2023-51490 | Unspecified vulnerability in Wpmudev Defender Security Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0. | 7.5 |
| 2023-12-18 | CVE-2023-5949 | Missing Authorization vulnerability in Wpmudev Smartcrawl The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content. | 7.5 |
| 2019-08-14 | CVE-2017-18511 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Custom Sidebars The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. | 8.8 |
| 2019-08-14 | CVE-2017-18510 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Custom Sidebars 3.0.8.1 The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. | 8.8 |
| 2017-10-06 | CVE-2017-15079 | Path Traversal vulnerability in Wpmudev Smush Image Compression and Optimization The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal. | 7.5 |