VYPR

Connexion Logs

by Connexion

CVEs (2)

  • CVE-2024-11372HigMay 15, 2025
    risk 0.47cvss 7.2epss 0.01

    The Connexion Logs WordPress plugin through 3.0.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

  • CVE-2024-11373MedMay 15, 2025
    risk 0.28cvss 4.3epss 0.00

    The Connexion Logs WordPress plugin through 3.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack