Matbao Wp Helper Premium vulnerabilities
3 known vulnerabilities affecting matbao/wp_helper_premium.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-0448P3MEDIUMCVSS 6.1PoCfixed in 4.32023-01-26
CVE-2023-0448 [MEDIUM] CWE-79 CVE-2023-0448: The WP Helper Lite WordPress plugin, in versions < 4.3, returns all GET parameters unsanitized in th
The WP Helper Lite WordPress plugin, in versions < 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability.
nvd
CVE-2023-46614P4HIGHCVSS 8.8fixed in 4.5.22023-11-09
CVE-2023-46614 [HIGH] CWE-352 CVE-2023-46614: Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 ve
Cross-Site Request Forgery (CSRF) vulnerability in Mat Bao Corp WP Helper Premium plugin <= 4.5.1 versions.
nvd
CVE-2024-9065P4MEDIUMCVSS 5.3≤ 4.6.12024-10-10
CVE-2024-9065 [MEDIUM] CWE-862 CVE-2024-9065: The WP Helper Premium plugin for WordPress is vulnerable to unauthorized modification of data due to
The WP Helper Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'whp_smtp_send_mail_test' function in all versions up to, and including, 4.6.1. This makes it possible for unauthenticated attackers to send emails containing any content and originating from the vulnerable WordPress i
nvd