Oik Security Vulnerabilities and Issues — Oik CVE List

Lucene search

BobbingwideOik

4 matches found

CVE•added 2024/03/14 9:15 p.m.•55 views

CVE-2024-2256

The oik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes such as bw_contact_button and bw_button shortcodes in all versions up to, and including, 4.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS7.6AI score0.0007EPSS

CVE•added 2024/08/26 9:15 p.m.•49 views

CVE-2024-43356

Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a through 4.12.0.

4.3CVSS7AI score0.0004EPSS

CVE•added 2024/07/09 12:15 p.m.•39 views

CVE-2024-6391

The oik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bw_button shortcode in all versions up to, and including, 4.10.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

6.4CVSS5.9AI score0.00143EPSS

CVE•added 2025/06/06 1:15 p.m.•33 views

CVE-2025-49241

Missing Authorization vulnerability in bobbingwide oik allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects oik: from n/a through 4.15.1.

5.3CVSS5.3AI score0.0004EPSS