WordPress Rate Own Post Plugin <= 1.0 is vulnerable to SQL Injection

Software Rate Own Post Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49616 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID c63aca788766 Credits João Pedro S Alcântara Kinorth Required privilege...

WordPress Crowd Ideas 1.0 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Crowd Ideas 1.0 Crowd Ideas is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...