Wp Extra Security Vulnerabilities and Issues — Wp Extra CVE List

Lucene search

WpvnteamWp Extra

5 matches found

CVE•added 2023/11/22 8:15 p.m.•72 views

CVE-2023-47825

Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra plugin

8.8CVSS6.5AI score0.0007EPSS

CVE•added 2023/11/22 4:15 p.m.•70 views

CVE-2023-5314

The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register() function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with minimal permiss...

4.3CVSS4.7AI score0.00066EPSS

CVE•added 2023/12/19 12:15 a.m.•51 views

CVE-2023-46212

Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly Constrained by ACLs, Cross Site Request Forgery.This issue affects WP EXtra: from n/a through 6.2.

8.8CVSS7.4AI score0.00053EPSS

CVE•added 2023/10/25 6:17 p.m.•35 views

CVE-2023-5311

The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the register() function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to modify the con...

8.8CVSS8.6AI score0.0659EPSS

CVE•added 2023/12/29 9:15 a.m.•16 views

CVE-2023-46623

Improper Control of Generation of Code ('Code Injection') vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2.

9.9CVSS9.2AI score0.00212EPSS