VYPR

Mainwp Child Reports

by Mainwp

CVEs (3)

  • CVE-2024-33680MedApr 26, 2024
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue affects MainWP Child Reports: from n/a through 2.1.1.

  • CVE-2026-4299MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.01

    The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 2.2.6. This is due to a missing capability check in the heartbeat_received() function in the Live_Update class. This makes it possible for authenticated…

  • CVE-2024-7492Aug 8, 2024
    risk 0.00cvss epss 0.00

    The MainWP Child Reports plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the network_options_action() function. This makes it possible for unauthenticated…