Wordpress Wassup Plugin vulnerabilities
2 known vulnerabilities affecting wordpress/wassup_plugin.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-0520P3HIGHCVSS 7.5PoC≤ 1.4.3v1.42008-01-31
CVE-2008-0520 [HIGH] CWE-89 CVE-2008-0520: Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPr
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
nvd
CVE-2012-2633P4MEDIUMCVSS 4.3≤ 1.8.3v1.4+6 more2012-06-15
CVE-2012-2633 [MEDIUM] CWE-79 CVE-2012-2633: Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordP
Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.
nvd