Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gwolle guestbook project gwolle guestbook vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin prior to 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: t...
Gwolle Guestbook Project Gwolle Guestbook
1 EDB exploit
4.3
CVSSv2
CVE-2018-17884
XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin prior to 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php
Gwolle Guestbook Project Gwolle Guestbook
4.3
CVSSv2
CVE-2021-24980
The Gwolle Guestbook WordPress plugin prior to 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page
Gwolle Guestbook Project Gwolle Guestbook
4.3
CVSSv2
CVE-2017-20089
A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The attack may be initiated remotely.
Gwolle Guestbook Project Gwolle Guestbook 1.7.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started