Bootstrapped Wp_recipe_maker

13 CVEs affecting Bootstrapped Wp_recipe_maker. Latest disclosed: 2024-10-24. Critical: 0, High: 1.

Top CVEs affecting Bootstrapped Wp_recipe_maker
CVESeverityScorePublishedSummary
CVE-2024-1206High8.82024-02-29The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the 'recipes' parameter in all versions up to, and including, 9.1.2 due to insuffic…
CVE-2024-9650Medium6.52024-10-24The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up to, and including, 9.6.1 d…
CVE-2024-0383Medium6.42024-06-19The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [wprm-recipe-instructions] and [wprm-recipe-ingredients]…
CVE-2024-3490Medium6.42024-05-02The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wprm-recipe-roundup-item shortcode in all versions up to…
CVE-2024-0384Medium6.42024-02-05The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and including, 9.1.0 due to insuf…
CVE-2024-0382Medium6.42024-02-05The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0…
CVE-2024-0255Medium6.42024-02-05The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode in all versions up to…
CVE-2024-0381Medium6.42024-01-18The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-d…
CVE-2023-6958Medium6.42024-01-18The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0…
CVE-2023-6970Medium6.12024-01-18The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 d…
CVE-2024-0380Medium5.42024-02-05The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shor…
CVE-2022-4468Medium5.42023-01-09The WP Recipe Maker WordPress plugin before 8.6.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which…
CVE-2024-1571Medium4.42024-04-09The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1…