CVE-2015-9418

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes...

Watu PRO 4.8.8.4 Cross Site Request Forgery

Details ================ Software: Watu PRO Version: 4.8.8.4 Homepage: http://calendarscripts.info/watupro/ Advisory report: https://security.dxw.com/advisories/csrf-in-watu-pro-allows-unauthenticated-attackers-to-delete-quizzes/ CVE: Awaiting assignment CVSS: 4.3 Medium; AV:N/AC:M/Au:N/C:N/I:P/A...

Watu PRO 4.8.8.4 Cross Site Scripting

Details ================ Software: Watu PRO Version: 4.8.8.4 Homepage: http://calendarscripts.info/watupro/ Advisory report: https://security.dxw.com/advisories/stored-xss-in-watu-pro-allows-unauthenticated-attackers-to-do-almost-anything-an-admin-can/ CVE: Awaiting assignment CVSS: 5.8 Medium;...