Oik@* Security Vulnerabilities and Issues — Oik@* CVE List

Lucene search

BobbingwideOik*

6 matches found

CVE•added 2024/03/14 9:15 p.m.•56 views

CVE-2024-2256

The oik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes such as bw_contact_button and bw_button shortcodes in all versions up to, and including, 4.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS7.6AI score0.00096EPSS

CVE•added 2024/08/26 9:15 p.m.•49 views

CVE-2024-43356

Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a through 4.12.0.

4.3CVSS7AI score0.0004EPSS

CVE•added 2024/07/09 12:15 p.m.•39 views

CVE-2024-6391

The oik plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bw_button shortcode in all versions up to, and including, 4.10.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

6.4CVSS5.9AI score0.00332EPSS

CVE•added 2025/06/06 1:15 p.m.•33 views

CVE-2025-49241

Missing Authorization vulnerability in bobbingwide oik allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects oik: from n/a through 4.15.1.

5.3CVSS5.3AI score0.00042EPSS

CVE•added 3 days ago•3 views

CVE-2025-54670

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bobbingwide oik allows Reflected XSS. This issue affects oik: from n/a through 4.15.2.

7.1CVSS7.2AI score0.00033EPSS

CVE•added 2025/08/14 11:15 a.m.•3 views

CVE-2025-54671

Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request Forgery. This issue affects oik: from n/a through 4.15.2.

4.3CVSS7.2AI score0.00016EPSS