Vulnerabilities > Wpopal > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-01 CVE-2021-4388 Missing Authorization vulnerability in Wpopal Opal Estate 1.6.11
The Opal Estate plugin for WordPress is vulnerable to featured property modifications in versions up to, and including, 1.6.11.
network
low complexity
wpopal CWE-862
5.3
5.3
2022-05-19 CVE-2022-29449 Unspecified vulnerability in Wpopal Opal Hotel Room Booking
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Opal Hotel Room Booking plugin <= 1.2.7 at WordPress.
network
low complexity
wpopal
5.4
5.4