Vulnerabilities > XWP > Stream > 3.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-7423 | Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream The Stream plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.1. | 8.8 |
| 2023-12-19 | CVE-2022-43450 | Unspecified vulnerability in XWP Stream Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream.This issue affects Stream: from n/a through 3.9.2. | 6.5 |
| 2023-05-25 | CVE-2022-43490 | Unspecified vulnerability in XWP Stream Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions. | 8.8 |