Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
prayer project prayer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-18655
Prayer up to and including 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting.
Prayer Project Prayer
5.4
CVSSv2
CVE-2014-7546
The Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Buddhist Prayer Project Buddhist Prayer 3
NA
CVE-2023-27631
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.05.04 versions.
Daily Prayer Time Project Daily Prayer Time
NA
CVE-2023-27632
Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.03.08 versions.
Daily Prayer Time Project Daily Prayer Time
3.5
CVSSv2
CVE-2021-24523
The Daily Prayer Time WordPress plugin prior to 2021.08.10 does not sanitise or escape some of its settings before outputting them in the page, leading to Authenticated Stored Cross-Site Scripting issues.
Daily Prayer Time Project Daily Prayer Time
7.5
CVSSv2
CVE-2022-0785
The Daily Prayer Time WordPress plugin prior to 2022.03.01 does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection
Daily Prayer Time Project Daily Prayer Time
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started