Filtered by vendor Wp Athletics Project Subscriptions
Filtered by product Wp Athletics Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-1773 1 Wp Athletics Project 1 Wp Athletics 2024-11-21 6.1 Medium
The WP Athletics WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting
CVE-2022-1549 1 Wp Athletics Project 1 Wp Athletics 2024-11-21 5.4 Medium
The WP Athletics WordPress plugin through 1.1.7 does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability.