Bootstrapped Wp_recipe_maker
13 CVEs affecting Bootstrapped Wp_recipe_maker. Latest disclosed: 2024-10-24. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1206 | High | 8.8 | 2024-02-29 | The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the 'recipes' parameter in all versions up to, and including, 9.1.2 due to insuffic… |
CVE-2024-9650 | Medium | 6.5 | 2024-10-24 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up to, and including, 9.6.1 d… |
CVE-2024-0383 | Medium | 6.4 | 2024-06-19 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [wprm-recipe-instructions] and [wprm-recipe-ingredients]… |
CVE-2024-3490 | Medium | 6.4 | 2024-05-02 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wprm-recipe-roundup-item shortcode in all versions up to… |
CVE-2024-0384 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and including, 9.1.0 due to insuf… |
CVE-2024-0382 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0… |
CVE-2024-0255 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode in all versions up to… |
CVE-2024-0381 | Medium | 6.4 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-d… |
CVE-2023-6958 | Medium | 6.4 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0… |
CVE-2023-6970 | Medium | 6.1 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 d… |
CVE-2024-0380 | Medium | 5.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shor… |
CVE-2022-4468 | Medium | 5.4 | 2023-01-09 | The WP Recipe Maker WordPress plugin before 8.6.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which… |
CVE-2024-1571 | Medium | 4.4 | 2024-04-09 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1… |