Filtered by vendor Mainwp
Subscriptions
Filtered by product Mainwp Child
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3132 | 1 Mainwp | 1 Mainwp Child | 2024-11-06 | 5.9 Medium |
| The MainWP Child plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.4.1.1 due to insufficient controls on the storage of back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including the entire installations database if a backup occurs and the deletion of the back-up files fail. | ||||
| CVE-2021-24877 | 1 Mainwp | 1 Mainwp Child | 2024-08-03 | 7.2 High |
| The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed | ||||
Page 1 of 1.