Futurio Extra Security Vulnerabilities and Issues — Futurio Extra CVE List

Lucene search

FuturiowpFuturio Extra

3 matches found

CVE•added 2022/02/14 12:15 p.m.•94 views

CVE-2021-25109

The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cross-Site Scripting (XSS) against logged in admins by making send open a malicious link.

4CVSS3.3AI score0.00168EPSS

CVE•added 2022/02/14 12:15 p.m.•76 views

CVE-2021-25110

The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address.

4.3CVSS4.5AI score0.00225EPSS

CVE•added 2024/11/12 4:15 a.m.•36 views

CVE-2024-10695

The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-leve...

4.3CVSS4.3AI score0.00063EPSS