Vulnerabilities > Yoohooplugins

DATE CVE VULNERABILITY TITLE RISK
2023-11-22 CVE-2023-27461 Cross-Site Request Forgery (CSRF) vulnerability in Yoohooplugins When Last Login
Cross-Site Request Forgery (CSRF) vulnerability in Yoohoo Plugins When Last Login plugin <= 1.2.1 versions.
network
low complexity
yoohooplugins CWE-352
8.8
2021-08-30 CVE-2021-24592 Cross-site Scripting vulnerability in Yoohooplugins Sitewide Notice
The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
3.5