5 matches found
CVE-2023-23893 WordPress Simple Giveaways plugin <= 2.48.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Igor Benic Simple Giveaways giveasap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through = 2.48.0...
WordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Scripting (XSS)
Software Simple Giveaways Type Plugin Vulnerable versions = 2.46.0 Fixed in 2.46.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0ce7fb5f5ef Credits Rafie Muhammad Patchstack...
WordPress Simple Giveaways Plugin <= 2.48.0 is vulnerable to Broken Access Control
Software Simple Giveaways Type Plugin Vulnerable versions = 2.48.0 Fixed in 2.48.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23893 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e25cb2d4a4a7 Credits Nguyen Anh Tien Required...
WordPress Simple Giveaways plugin <= 2.42.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Simple Giveaways plugin versions = 2.42.0. Solution Update the WordPress Simple Giveaways plugin to the latest available version at least 2.42.1...
WordPress Simple Giveaways plugin <= 2.36.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Shreya Pohekar in WordPress Simple Giveaways plugin versions = 2.36.1. Solution Update the WordPress Simple Giveaways plugin to the latest available version at least 2.36.2...