VYPR

Siteground Security

by Siteground

CVEs (4)

  • CVE-2022-0993HigApr 19, 2022
    risk 0.53cvss 8.1epss 0.07

    The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects…

  • CVE-2024-38774MedNov 1, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.

  • CVE-2025-66121MedDec 16, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8.

  • CVE-2019-25217Oct 16, 2024
    risk 0.01cvss epss 0.01

    The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to Remote Code Execution and Local File Inclusion in versions up to, and including, 5.0.12 due to incorrect use of an access control attribute on the switch_php function called via the…