Sign-up Sheets Security Vulnerabilities and Issues — Sign-up Sheets CVE List

Lucene search

FetchdesignsSign-up Sheets

5 matches found

CVE•added 2021/07/12 8:15 p.m.•41 views

CVE-2021-24441

The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet title when generating the CSV to export, which could lead to a CSV injection issue

8CVSS7.9AI score0.0084EPSS

CVE•added 2021/07/12 8:15 p.m.•38 views

CVE-2021-24440

The Sign-up Sheets WordPress plugin before 1.0.14 did not sanitise or escape some of its fields when creating a new sheet, allowing high privilege users to add JavaScript in them, leading to a Stored Cross-Site Scripting issue. The payloads will be triggered when viewing the 'All Sheets' page in th...

4.8CVSS4.7AI score0.00186EPSS

CVE•added 2024/11/01 3:15 p.m.•37 views

CVE-2024-39654

Missing Authorization vulnerability in Fetch Designs Sign-up Sheets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sign-up Sheets: from n/a through 2.2.12.

5.3CVSS5.3AI score0.00084EPSS

CVE•added 2024/09/04 6:15 a.m.•35 views

CVE-2024-6020

The Sign-up Sheets WordPress plugin before 2.2.13 does not escape some generated URLs, as well as the $_SERVER['REQUEST_URI'] parameter before outputting them back in attributes, which could lead to Reflected Cross-Site Scripting.

6.1CVSS6.2AI score0.00138EPSS

CVE•added 2023/10/03 12:15 p.m.•28 views

CVE-2023-39165

Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin

8.8CVSS7.1AI score0.00106EPSS