The About Me 3000 widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions....
4.8CVSS
4.9AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About Me 3000 widget plugin <= 2.2.6...
8.8CVSS
8.8AI Score
0.001EPSS
Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at...
9.8CVSS
9.4AI Score
0.002EPSS