Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wow-company wp coder vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-25053
The WP Coder WordPress plugin prior to 2.5.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.
Wow-company Wp Coder
6.5
CVSSv3
CVE-2022-2388
The WP Coder WordPress plugin prior to 2.5.3 does not have CSRF check in place when deleting code created by the plugin, which could allow malicious users to make a logged in admin delete arbitrary ones via a CSRF attack
Wow-company Wp Coder
6.1
CVSSv3
CVE-2023-2362
The Float menu WordPress plugin prior to 5.0.2, Bubble Menu WordPress plugin prior to 3.0.4, Button Generator WordPress plugin prior to 2.3.5, Calculator Builder WordPress plugin prior to 1.5.1, Counter Box WordPress plugin prior to 1.2.2, Floating Button WordPress plugin prior t...
Wow-company Button Generator
Wow-company Bubble Menu
Wow-company Float Menu
Wow-company Wp Coder
Wow-company Wow Skype Buttons
Wow-company Sticky Buttons
Wow-company Side Menu Lite
Wow-company Herd Effects
Wow-company Floating Button
Wow-company Counter Box
Wow-company Calculator-builder
Wow-company Popup Box
4.9
CVSSv3
CVE-2023-0895
The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient prepa...
Wow-company Wp Coder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started