VYPR

All-In-One Security

by WordPress

CVEs (4)

  • CVE-2022-44737MedNov 22, 2022
    risk 0.42cvss 6.5epss 0.00

    Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.

  • CVE-2022-4346MedJan 23, 2023
    risk 0.35cvss 5.3epss 0.01

    The All-In-One Security (AIOS) WordPress plugin before 5.1.3 leaked settings of the plugin publicly, including the used email address.

  • CVE-2022-4097MedDec 12, 2022
    risk 0.34cvss 5.3epss 0.01

    The All-In-One Security (AIOS) WordPress plugin before 5.0.8 is susceptible to IP Spoofing attacks, which can lead to bypassed security features (like IP blocks, rate limiting, brute force protection, and more).

  • CVE-2024-1037MedFeb 7, 2024
    risk 0.33cvss 6.1epss 0.01

    The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible…