Unknown Ekc Tournament Manager vulnerabilities
3 known vulnerabilities affecting unknown/ekc_tournament_manager.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-9765MEDIUMCVSS 6.5PoCfixed in 2.2.22025-05-15
CVE-2024-9765 [MEDIUM] CWE-552 CVE-2024-9765: The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system
The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory
cvelistv5nvd
CVE-2024-9711MEDIUMCVSS 5.4fixed in 2.2.22025-05-15
CVE-2024-9711 [MEDIUM] CWE-352 CVE-2024-9711: The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when upda
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
cvelistv5nvd
CVE-2024-9709MEDIUMCVSS 5.4fixed in 2.2.22025-05-15
CVE-2024-9709 [MEDIUM] CWE-352 CVE-2024-9709: The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when upda
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
cvelistv5nvd