Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpcode wpcode vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-1624
The WPCode WordPress plugin prior to 2.0.9 has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. This could allow malicious users to make users with the wpcode_activate_snippets capability delete arbitrary log files on...
Wpcode Wpcode
6.1
CVSSv3
CVE-2023-3524
The WPCode WordPress plugin prior to 2.0.13.1 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
Wpcode Wpcode
4.3
CVSSv3
CVE-2023-0328
The WPCode WordPress plugin prior to 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication (such ...
Wpcode Wpcode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started