Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kibokolabs vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-12345
XSS exists in the Kiboko Hostel plugin prior to 1.1.4 for WordPress.
Kibokolabs Hostel
4.3
CVSSv3
CVE-2015-9418
The Watu Pro plugin prior to 4.9.0.8 for WordPress has CSRF that allows an malicious user to delete quizzes.
Kibokolabs Watupro
6.1
CVSSv3
CVE-2021-38317
The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the plan_id parameter in the ~/views/subscriptions.html.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 0.8.3.
Kibokolabs Konnichiwa
6.1
CVSSv3
CVE-2021-38358
The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the ~/views/button-generator.html.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 0.7.4.1.
Kibokolabs Moolamojo
4.8
CVSSv3
CVE-2023-0545
The Hostel WordPress plugin prior to 1.1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite set...
Kibokolabs Hostel
6.1
CVSSv3
CVE-2022-4209
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it p...
Kibokolabs Chained Quiz
6.1
CVSSv3
CVE-2023-0428
The Watu Quiz WordPress plugin prior to 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Kibokolabs Watu Quiz
4.8
CVSSv3
CVE-2023-0429
The Watu Quiz WordPress plugin prior to 3.3.8.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite ...
Kibokolabs Watu Quiz
6.1
CVSSv3
CVE-2016-10892
The chained-quiz plugin prior to 1.0 for WordPress has multiple XSS issues.
Kibokolabs Chained Quiz
5.4
CVSSv3
CVE-2021-24690
The Chained Quiz WordPress plugin prior to 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.
Kibokolabs Chained Quiz
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »