Vulnerabilities > Wpvar

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-27	CVE-2023-0335	Missing Authorization vulnerability in Wpvar WP Shamsi The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber delete attachment. network low complexity wpvar CWE-862	6.5
2022-12-16	CVE-2022-4555	Unspecified vulnerability in Wpvar WP Shamsi The WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. network low complexity wpvar	5.3
2022-09-09	CVE-2022-38058	Unspecified vulnerability in Wpvar WP Shamsi Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress. network low complexity wpvar	4.3

Vulnerabilities > Wpvar {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpvar"}]}