Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
etoilewebdesign ultimate faq vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-17232
Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin up to and including 1.8.24 for WordPress allows unauthenticated options import.
Etoilewebdesign Ultimate Faq
3.5
CVSSv2
CVE-2021-24968
The Ultimate FAQ WordPress plugin prior to 2.1.2 does not have capability and CSRF checks in the ewd_ufaq_welcome_add_faq and ewd_ufaq_welcome_add_faq_page AJAX actions, available to any authenticated users. As a result, any users, with a role as low as Subscriber could create FA...
Etoilewebdesign Ultimate Faq
4.3
CVSSv2
CVE-2019-17233
Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin up to and including 1.8.24 for WordPress allows HTML content injection.
Etoilewebdesign Ultimate Faq
4.3
CVSSv2
CVE-2020-7107
The Ultimate FAQ plugin prior to 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.
Etoilewebdesign Ultimate Faq
4.3
CVSSv2
CVE-2019-15643
The ultimate-faqs plugin prior to 1.8.22 for WordPress has XSS.
Etoilewebdesign Ultimate Faq
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started