Ithemes Security vulnerabilities
2 known vulnerabilities affecting ithemes/security.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2018-12636P3HIGHCVSS 7.2PoCfixed in 7.0.32018-06-22
CVE-2018-12636 [HIGH] CWE-89 CVE-2018-12636: The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.
nvd
CVE-2018-7433P3HIGHCVSS 7.5≤ 6.9.02018-03-02
CVE-2018-7433 [HIGH] CWE-532 CVE-2018-7433: The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for t
The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page.
nvd