Vulnerabilities > Wpwave
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-06 | CVE-2022-4681 | Unspecified vulnerability in Wpwave Hide MY WP 6.2.3 The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. | 9.8 |
2021-11-24 | CVE-2021-36916 | SQL Injection vulnerability in Wpwave Hide MY WP 6.2.3 The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. | 9.8 |
2021-11-24 | CVE-2021-36917 | Missing Authorization vulnerability in Wpwave Hide MY WP 6.2.3 WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. | 7.5 |