Wicked Folders

CVEs (21)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2023-0729	Wickedplugins Wicked Folders	Med	0.35	5.4	Jun 9, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_sort_order function. This makes it possible for unauthenticated attackers to…
CVE-2023-0726	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_edit_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0725	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_clone_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0724	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_add_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0722	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_state function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0720	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0717	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0716	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_edit_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0715	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0711	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_state function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0685	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_unassign_folders function. This makes it possible for unauthenticated attackers to…
CVE-2023-0684	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_unassign_folders function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0718	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 8, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0730	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder_order function. This makes it possible for unauthenticated attackers to…
CVE-2023-0727	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_delete_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0723	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_move_object function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0719	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_sort_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0712	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_move_object function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0728	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0713	Wickedplugins Wicked Folders	Med	0.35	5.4	Feb 7, 2023	The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_add_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…

CVE-2023-0729MedJun 9, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_sort_order function. This makes it possible for unauthenticated attackers to…
CVE-2023-0726MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_edit_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0725MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_clone_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0724MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_add_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0722MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_state function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0720MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0717MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0716MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_edit_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0715MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0711MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_state function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0685MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_unassign_folders function. This makes it possible for unauthenticated attackers to…
CVE-2023-0684MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_unassign_folders function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0718MedFeb 8, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0730MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder_order function. This makes it possible for unauthenticated attackers to…
CVE-2023-0727MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_delete_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0723MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_move_object function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0719MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_sort_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions…
CVE-2023-0712MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_move_object function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…
CVE-2023-0728MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_folder function. This makes it possible for unauthenticated attackers to invoke…
CVE-2023-0713MedFeb 7, 2023
Wickedplugins
Wicked Folders
risk 0.35cvss 5.4epss 0.00
The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_add_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and…

Page 1 of 2