Lucene search
K
GetigniteupIgniteup3.4

4 matches found

CVE
CVE
added 2019/11/12 4:48 p.m.84 views

CVE-2019-17234

The CVE concerns the WordPress IgniteUp plugin (versions up to 3.4). The vulnerability stems from deleteTemplate() in includes/class-coming-soon-creator.php, which is hooked to admin_init and accepts a POST parameter delete_template without proper authorization checks. It builds a path to the plu...

7.5CVSS7.8AI score0.03248EPSS
Web
CVE
CVE
added 2019/11/12 4:52 p.m.80 views

CVE-2019-17236

CVE-2019-17236 affects the WordPress IgniteUp plugin (up to version 3.4). The vulnerability is a stored XSS in includes/class-coming-soon-creator.php. Impact details are limited to stored XSS per sources; exploitation details are not provided in the documents. Remediation: upgrade to a fixed vers...

6.1CVSS6.8AI score0.00966EPSS
CVE
CVE
added 2019/11/12 4:53 p.m.75 views

CVE-2019-17237

CVE-2019-17237 affects the WordPress IgniteUp plugin (up to v3.4). The vulnerability is a CSRF flaw in includes/class-coming-soon-creator.php, allowing unauthorized actions via CSRF. Evidence from multiple feeds confirms the plugin versions impacted ( IgniteUp

8.8CVSS8.7AI score0.0074EPSS
CVE
CVE
added 2019/11/12 4:50 p.m.73 views

CVE-2019-17235

CVE-2019-17235 affects the WordPress IgniteUp plugin up to version 3.4. The issue is in includes/class-coming-soon-creator.php and leads to information disclosure. Exploitation details are not provided in the documents; the impact is disclosure of sensitive information. Remediation: upgrade to a ...

5.3CVSS5.8AI score0.01397EPSS