Vendor
Wonderplugin
Products
3
CVEs
2
Across products
2
Status
Private
Products
3- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-24877 | Hig | 0.46 | 7.1 | 0.00 | Feb 8, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magic Hills Pty Ltd Wonder Slider Lite allows Reflected XSS.This issue affects Wonder Slider Lite: from n/a through 13.9. | ||
| CVE-2015-2199 | 0.03 | — | 0.03 | Mar 3, 2015 | Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or remote… |
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magic Hills Pty Ltd Wonder Slider Lite allows Reflected XSS.This issue affects Wonder Slider Lite: from n/a through 13.9.
- CVE-2015-2199Mar 3, 2015risk 0.03cvss —epss 0.03
Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or remote…