VYPR

Bwl Advanced Faq Manager

by WordPress

CVEs (2)

  • CVE-2024-13801HigMar 26, 2025
    risk 0.53cvss 8.1epss 0.00

    The BWL Advanced FAQ Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'baf_set_notice_status' AJAX action in all versions up to, and including, 2.1.4. This makes it…

  • CVE-2024-32136HigApr 15, 2024
    risk 0.50cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3.