Lucene search
K
GetigniteupIgniteup

5 matches found

CVE
CVE
added 2019/11/12 4:48 p.m.84 views

CVE-2019-17234

The CVE concerns the WordPress IgniteUp plugin (versions up to 3.4). The vulnerability stems from deleteTemplate() in includes/class-coming-soon-creator.php, which is hooked to admin_init and accepts a POST parameter delete_template without proper authorization checks. It builds a path to the plu...

7.5CVSS7.8AI score0.03248EPSS
Web
CVE
CVE
added 2019/11/12 4:52 p.m.80 views

CVE-2019-17236

CVE-2019-17236 affects the WordPress IgniteUp plugin (up to version 3.4). The vulnerability is a stored XSS in includes/class-coming-soon-creator.php. Impact details are limited to stored XSS per sources; exploitation details are not provided in the documents. Remediation: upgrade to a fixed vers...

6.1CVSS6.8AI score0.00966EPSS
CVE
CVE
added 2022/05/09 4:50 p.m.77 views

CVE-2022-0898

CVE-2022-0898 affects the IgniteUp WordPress plugin up to version 3.4.1. The vulnerability arises from insufficient sanitization/escaping of certain fields when high-privilege users lack the unfiltered_html capability, enabling a Stored Cross-Site Scripting (XSS) scenario on admin-facing template...

5.4CVSS5.1AI score0.00584EPSS
Web
CVE
CVE
added 2019/11/12 4:53 p.m.75 views

CVE-2019-17237

CVE-2019-17237 affects the WordPress IgniteUp plugin (up to v3.4). The vulnerability is a CSRF flaw in includes/class-coming-soon-creator.php, allowing unauthorized actions via CSRF. Evidence from multiple feeds confirms the plugin versions impacted ( IgniteUp

8.8CVSS8.7AI score0.0074EPSS
CVE
CVE
added 2019/11/12 4:50 p.m.73 views

CVE-2019-17235

CVE-2019-17235 affects the WordPress IgniteUp plugin up to version 3.4. The issue is in includes/class-coming-soon-creator.php and leads to information disclosure. Exploitation details are not provided in the documents; the impact is disclosure of sensitive information. Remediation: upgrade to a ...

5.3CVSS5.8AI score0.01397EPSS