3 matches found
CVE-2024-1642
CVE-2024-1642 affects the MainWP Dashboard: WordPress Manager for Multiple Websites Maintenance plugin. The issue is a Cross-Site Request Forgery (CSRF) in the posting_bulk function caused by missing/incorrect nonce validation, allowing unauthenticated attackers to delete arbitrary posts if a sit...
CVE-2023-38519
The CVE-2023-38519 entry corresponds to the MainWP WordPress Dashboard (MainWP Plugin) SQL Injection vulnerability. Affected versions are MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance up to 4.4.3.3. The root cause is improper handling/escaping in SQL queries, enabling an ...
CVE-2016-15041
Summary: CVE-2016-15041 affects the MainWP Dashboard plugin for WordPress, versions up to and including 3.1.2. It is a stored XSS due to insufficient input sanitization and output escaping in the mwp_setup_purchase_username parameter, exploitable by unauthenticated attackers. Impact (as documente...