Lucene search

K

Gwolle Guestbook Security Vulnerabilities

cve
cve

CVE-2017-20089

A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The attack may be initiated...

6.1CVSS

6AI Score

0.001EPSS

2022-06-23 05:15 AM
21
6
cve
cve

CVE-2021-24980

The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin...

6.1CVSS

6AI Score

0.001EPSS

2021-12-27 11:15 AM
28
cve
cve

CVE-2018-17884

XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to...

6.1CVSS

6AI Score

0.002EPSS

2018-10-02 06:29 PM
18
cve
cve

CVE-2015-8351

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...

9CVSS

8.9AI Score

0.846EPSS

2017-09-11 08:29 PM
40