Filtered by vendor Futuriowp
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-40201 | 1 Futuriowp | 1 Futurio Extra | 2024-09-20 | 6.5 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin. | ||||
CVE-2021-25109 | 1 Futuriowp | 1 Futurio Extra | 2024-08-03 | 2.7 Low |
The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cross-Site Scripting (XSS) against logged in admins by making send open a malicious link. | ||||
CVE-2021-25110 | 1 Futuriowp | 1 Futurio Extra | 2024-08-03 | 4.3 Medium |
The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. |
Page 1 of 1.