Siteground Security vulnerabilities
4 known vulnerabilities affecting siteground/siteground_security.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-0993P2CRITICALCVSS 9.8≤ 1.2.52022-04-19
CVE-2022-0993 [CRITICAL] CWE-285 CVE-2022-0993: The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unau
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and including, 1.2.5.
nvd
CVE-2023-0234P2HIGHCVSS 8.8fixed in 1.3.12023-02-06
CVE-2023-0234 [HIGH] CWE-89 CVE-2023-0234: The SiteGround Security WordPress plugin before 1.3.1 does not properly sanitize user input before u
The SiteGround Security WordPress plugin before 1.3.1 does not properly sanitize user input before using it in an SQL query, leading to an authenticated SQL injection issue.
nvd
CVE-2025-66121P4MEDIUMCVSS 5.3≤ 1.5.82025-12-16
CVE-2025-66121 [MEDIUM] CWE-862 CVE-2025-66121: Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting
Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8.
nvd
CVE-2024-38774P4MEDIUMCVSS 5.4≥ n/a, ≤ 1.5.02024-11-01
CVE-2024-38774 [MEDIUM] CWE-862 CVE-2024-38774: Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly
Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.
nvd