Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wow-company wp coder vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-2388
The WP Coder WordPress plugin prior to 2.5.3 does not have CSRF check in place when deleting code created by the plugin, which could allow malicious users to make a logged in admin delete arbitrary ones via a CSRF attack
Wow-company Wp Coder
8.8
CVSSv3
CVE-2021-25053
The WP Coder WordPress plugin prior to 2.5.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.
Wow-company Wp Coder
4.9
CVSSv3
CVE-2023-0895
The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient prepa...
Wow-company Wp Coder
6.1
CVSSv3
CVE-2023-2362
The Float menu WordPress plugin prior to 5.0.2, Bubble Menu WordPress plugin prior to 3.0.4, Button Generator WordPress plugin prior to 2.3.5, Calculator Builder WordPress plugin prior to 1.5.1, Counter Box WordPress plugin prior to 1.2.2, Floating Button WordPress plugin prior t...
Wow-company Button Generator
Wow-company Bubble Menu
Wow-company Float Menu
Wow-company Wp Coder
Wow-company Wow Skype Buttons
Wow-company Sticky Buttons
Wow-company Side Menu Lite
Wow-company Herd Effects
Wow-company Floating Button
Wow-company Counter Box
Wow-company Calculator-builder
Wow-company Popup Box
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started