Lucene search
K
BootstrappedWp Recipe Maker*

5 matches found

CVE
CVE
added 2024/02/20 6:56 p.m.86 views

CVE-2024-1206

WP Recipe Maker for WordPress (versions

8.8CVSS8.9AI score0.0074EPSS
CVE
CVE
added 2023/01/09 10:13 p.m.68 views

CVE-2022-4468

CVE-2022-4468 affects the WP Recipe Maker WordPress plugin: versions before 8.6.1 do not validate/escape certain shortcode attributes, enabling Stored XSS from users with as low as Contributor to target higher-privilege users. The vulnerability is triggered by outputting untrusted shortcode data ...

5.4CVSS5.3AI score0.00534EPSS
CVE
CVE
added 2024/04/09 6:58 p.m.67 views

CVE-2024-1571

CVE-2024-1571 : WP Recipe Maker for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to 9.2.1 due to insufficient input sanitization and output escaping. Authenticated users with access to the recipe dashboard (admin by default, but roles can...

4.8CVSS7.7AI score0.00426EPSS
CVE
CVE
added 2024/05/02 6:51 a.m.58 views

CVE-2024-3490

CVE-2024-3490 is a Stored Cross-Site Scripting vulnerability in the WordPress plugin WP Recipe Maker, affecting all versions up to and including 9.3.1. It arises from insufficient input sanitization and output escaping on user-supplied attributes in the wprm-recipe-roundup-item shortcode, allowin...

6.4CVSS5.7AI score0.0032EPSS
CVE
CVE
added 2024/06/19 8:33 a.m.55 views

CVE-2024-0383

WP Recipe Maker for WordPress (plugin, up to version 9.1.0) is affected by a Stored XSS due to insufficient restrictions on the group_tag attribute in the wprm-recipe-instructions and wprm-recipe-ingredients shortcodes. Exploitation requires authentication at Contributor level or higher; an attac...

6.4CVSS5.9AI score0.00449EPSS