Vulnerabilities > Xnau > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-19 | CVE-2023-48751 | Unspecified vulnerability in Xnau Participants Database Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects Participants Database: from n/a through 2.5.5. | 8.8 |
| 2023-11-09 | CVE-2023-31235 | Unspecified vulnerability in Xnau Participants Database Cross-Site Request Forgery (CSRF) vulnerability in Roland Barker, xnau webdesign Participants Database plugin <= 2.4.9 versions. | 8.8 |
| 2020-02-11 | CVE-2020-8596 | SQL Injection vulnerability in Xnau Participants Database participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. | 7.5 |