Gamipress Security Vulnerabilities and Issues — Gamipress CVE List

Lucene search

GamipressGamipress

3 matches found

CVE•added 2024/03/20 3:15 a.m.•58 views

CVE-2024-1799

The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to SQL Injection via the 'achievement_types' attribute of the gamipress_earnings shortcode in all versions up to, and including, 6.8.6 due to insufficient escapi...

8.8CVSS8.9AI score0.00244EPSS

CVE•added 2024/03/29 5:15 p.m.•58 views

CVE-2024-30455

Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n/a through 6.8.5.

4.3CVSS5AI score0.00162EPSS

CVE•added 2024/03/20 3:15 a.m.•54 views

CVE-2024-2460

The GamiPress – Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gamipress_button' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authe...

6.4CVSS6AI score0.00082EPSS