Vendor
Favoriteposts
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53490 | Hig | 0.49 | 7.5 | 0.01 | Dec 5, 2024 | Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java. | ||
| CVE-2023-2304 | Med | 0.42 | 6.4 | 0.01 | May 31, 2023 | The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'user_favorites' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for… |
- risk 0.49cvss 7.5epss 0.01
Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java.
- risk 0.42cvss 6.4epss 0.01
The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'user_favorites' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…