Bulletproof Security Security Vulnerabilities and Issues — Bulletproof Security CVE List

Lucene search

Ait-proBulletproof Security

4 matches found

CVE•added 2022/03/21 7:15 p.m.•84 views

CVE-2022-0590

The BulletProof Security WordPress plugin before 5.8 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8CVSS4.7AI score0.00267EPSS

CVE•added 2022/05/16 3:15 p.m.•65 views

CVE-2022-1265

The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

4.8CVSS4.8AI score0.00267EPSS

CVE•added 2014/11/06 3:55 p.m.•48 views

CVE-2014-7958

Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dbhost parameter.

4.3CVSS5.8AI score0.00624EPSS

CVE•added 2017/09/12 10:29 p.m.•32 views

CVE-2015-9230

In the admin/db-backup-security/db-backup-security.php page in the BulletProof Security plugin before .52.5 for WordPress, XSS is possible for remote authenticated administrators via the DBTablePrefix parameter.

4.8CVSS4.7AI score0.01206EPSS