Filtered by vendor Ithemes
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7433 | 1 Ithemes | 1 Security | 2024-08-05 | N/A |
| The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page. | ||||
| CVE-2020-36176 | 1 Ithemes | 1 Ithemes Security | 2024-08-04 | 7.5 High |
| The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs. | ||||
| CVE-2020-14092 | 1 Ithemes | 1 Paypal Pro | 2024-08-04 | 9.8 Critical |
| The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. | ||||
| CVE-2022-31474 | 1 Ithemes | 1 Backupbuddy | 2024-08-03 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1. | ||||
| CVE-2022-4897 | 1 Ithemes | 1 Backupbuddy | 2024-08-03 | 6.1 Medium |
| The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting | ||||