Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.8 views

CVE-2024-12545

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.1. This is due to missing nonce validation on the resetinstallation function...

5.4CVSS6.5AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:1 a.m.6 views

CVE-2024-11898

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swin-campaign' shortcode in all versions up to, and including, 2.6.9 due to insufficient input...

6.4CVSS5.9AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2025/02/18 9:15 a.m.7 views

CVE-2024-13316

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the apmswncreatediscount function in all versions up to, and including, 2.8.0. This makes...

5.3CVSS0.00363EPSS
Exploits0References4
NVD
NVD
added 2025/01/04 8:15 a.m.14 views

CVE-2024-12545

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.1. This is due to missing nonce validation on the resetinstallation function...

5.4CVSS0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/04 7:24 a.m.8 views

CVE-2024-12545 Scratch & Win – Giveaways and Contests <= 2.7.1 - Cross-Site Request Forgery via reset_installation Function

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.1. This is due to missing nonce validation on the resetinstallation function...

5.4CVSS5.2AI score0.00198EPSS
Exploits0References4
Rows per page
Query Builder