Filtered by vendor Yoohooplugins
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27461 | 1 Yoohooplugins | 1 When Last Login | 2023-11-30 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Yoohoo Plugins When Last Login plugin <= 1.2.1 versions. | |||||
| CVE-2021-24592 | 1 Yoohooplugins | 1 Sitewide Notice | 2021-09-02 | 3.5 LOW | 4.8 MEDIUM |
| The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||