Wpdelicious Wp Delicious vulnerabilities
2 known vulnerabilities affecting wpdelicious/wp_delicious.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-7626P3HIGHCVSS 8.1fixed in 1.7.02024-09-11
CVE-2024-7626 [HIGH] CWE-73 CVE-2024-7626: The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in the save_edit_profile_details() function in all versions up to, and including, 1.6.9. This makes it possible for authenticated attackers, with subscriber-leve
nvd
CVE-2024-43935P4MEDIUMCVSS 5.4fixed in 1.6.82024-08-29
CVE-2024-43935 [MEDIUM] CWE-79 CVE-2024-43935: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affects Delicious Recipes – WordPress Recipe Plugin: from n/a through 1.6.7.
nvd