CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0...

8.8CVSS5.1AI score0.00398EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:46 a.m.•2 views

CVE-2024-49289

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Gora Tech LLC Cooked Pro allows Stored XSS.This issue affects Cooked Pro: from n/a before 1.8.0...

6.5CVSS5.2AI score0.00313EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:24 p.m.•2 views

CVE-2022-3900

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipeargs parameter before unserializing it in the cookedloadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability...

9.8CVSS7.2AI score0.04297EPSS

Exploits2References1

RedhatCVE•added 2025/02/05 5:55 a.m.•4 views

CVE-2024-49291

Unrestricted Upload of File with Dangerous Type vulnerability in Gora Tech LLC Cooked Pro.This issue affects Cooked Pro: from n/a before 1.8.0...

10CVSS5.2AI score0.00822EPSS

Exploits0References1

NVD•added 2024/10/20 11:15 a.m.•20 views

CVE-2024-49290

Cross-Site Request Forgery CSRF vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0...

8.8CVSS0.00398EPSS

Exploits0References1

OSV•added 2024/10/20 11:15 a.m.•6 views

CVE-2024-49290

Cross-Site Request Forgery CSRF vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0...

8.8CVSS6.8AI score

Exploits0References1

CVE•added 2024/10/20 10:14 a.m.•56 views

CVE-2024-49290

CVE-2024-49290 pertains to a Cross-Site Request Forgery (CSRF) in Cooked Pro (WordPress plugin by Gora Tech LLC) affecting versions prior to 1.8.0. The linked sources note that the vulnerability is addressed in version 1.8.0 and advise upgrading to mitigate exposure. No exploit specifics are prov...

8.8CVSS5.1AI score0.00398EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/10/20 10:14 a.m.•17 views

CVE-2024-49290 WordPress Cooked Pro plugin < 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0...

4.3CVSS0.00398EPSS

Exploits0References1

Vulnrichment•added 2024/10/20 10:14 a.m.•14 views

CVE-2024-49290 WordPress Cooked Pro plugin < 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0...

4.3CVSS7AI score0.00398EPSS

Exploits0References1

CNNVD•added 2024/10/20 12:0 a.m.•3 views

WordPress plugin Cooked Pro 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site reque...

8.8CVSS6.5AI score0.00398EPSS

Exploits0References2

Positive Technologies•added 2024/10/20 12:0 a.m.•3 views

PT-2024-33431 · Unknown · Cooked Pro

Name of the Vulnerable Software and Affected Versions: Cooked Pro versions prior to 1.8.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. This problem involves CSRF attacks. Recommendations: For versions prior to 1.8.0, update to...

8.8CVSS7.2AI score0.00398EPSS

Exploits0References8

NVD•added 2024/10/17 7:15 p.m.•8 views

CVE-2024-49289

6.5CVSS0.00313EPSS

Exploits0References1

Vulnrichment•added 2024/10/17 7:9 p.m.•10 views

CVE-2024-49289 WordPress Cooked Pro plugin < 1.8.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.8AI score0.00313EPSS

Exploits0References1

CVE•added 2024/10/17 7:9 p.m.•37 views

CVE-2024-49289

CVE-2024-49289 (Cooked Pro) : A stored XSS vulnerability exists in Cooked Pro plugin for WordPress prior to version 1.8.0, arising from improper input neutralization during web page generation. The issue affects Cooked Pro pre-1.8.0 and has been assigned CVE-2024-49289. Public disclosures in mult...

6.5CVSS5.2AI score0.00313EPSS

Exploits0References1

Cvelist•added 2024/10/17 7:9 p.m.•20 views

CVE-2024-49289 WordPress Cooked Pro plugin < 1.8.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00313EPSS

Exploits0References1

NVD•added 2024/10/17 6:15 p.m.•10 views

CVE-2024-49291

Unrestricted Upload of File with Dangerous Type vulnerability in Gora Tech LLC Cooked Pro.This issue affects Cooked Pro: from n/a before 1.8.0...

10CVSS0.00822EPSS

Exploits0References1

CVE•added 2024/10/17 5:20 p.m.•40 views

CVE-2024-49291

CVE-2024-49291 is an unauthenticated, high-severity (CVSS 3.1: 10.0, CRITICAL) vulnerability in the WordPress plugin Cooked Pro prior to version 1.8.0 that allows unrestricted upload of files with dangerous types. The issue affects Cooked Pro up to v1.7.x; upstream sources confirm a fixed release...

10CVSS5.2AI score0.00822EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by