Known Vulnerabilities for products from Wpwhitesecurity
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Wpwhitesecurity".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-6506 json | The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference... | Not Provided | 2024-01-11 | 2026-04-08 |
| CVE-2023-2286 json | The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This i... | Not Provided | 2023-06-09 | 2026-04-08 |
| CVE-2023-2285 json | The WP Activity Log Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including... | Not Provided | 2023-06-09 | 2026-04-08 |
| CVE-2023-2284 json | The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabili... | Not Provided | 2023-06-09 | 2026-04-08 |
| CVE-2023-2261 json | The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handl... | Not Provided | 2023-06-09 | 2026-04-08 |
| CVE-2022-2891 json | The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abu... | 5.9 - MEDIUM | 2022-10-10 | 2023-11-07 |
| CVE-2022-2269 json | The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a S... | 9.8 - CRITICAL | 2022-08-08 | 2022-08-12 |
| CVE-2022-2184 json | The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive require_once call in one of its admin-side te... | 8.8 - HIGH | 2022-08-01 | 2022-08-05 |
| CVE-2022-1527 json | The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before outputting it back in an admin page,... | 6.1 - MEDIUM | 2022-05-30 | 2022-06-08 |
| CVE-2020-36716 json | The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup... | Not Provided | 2023-06-07 | 2026-04-08 |