Vulnerabilities > Wpwave

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-06	CVE-2022-4681	Unspecified vulnerability in Wpwave Hide MY WP 6.2.3 The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. network low complexity wpwave critical	9.8
2021-11-24	CVE-2021-36916	SQL Injection vulnerability in Wpwave Hide MY WP 6.2.3 The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. network low complexity wpwave CWE-89	7.5
2021-11-24	CVE-2021-36917	Missing Authorization vulnerability in Wpwave Hide MY WP 6.2.3 WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user. network low complexity wpwave CWE-862	7.5

Vulnerabilities > Wpwave {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpwave"}]}