Bowo System_dashboard
9 CVEs affecting Bowo System_dashboard. Latest disclosed: 2025-01-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-12299 | Medium | 6.1 | 2025-01-30 | The System Dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Filename parameter in all versions up to, and including, 2.8… |
CVE-2024-11107 | Medium | 6.1 | 2024-12-10 | The System Dashboard WordPress plugin before 2.8.15 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenti… |
CVE-2023-7246 | Medium | 5.4 | 2024-03-20 | The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress confi… |
CVE-2024-10708 | Medium | 4.9 | 2024-12-10 | The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perfor… |
CVE-2023-5714 | Medium | 4.3 | 2023-12-07 | The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_db_specs() function hooked v… |
CVE-2023-5713 | Medium | 4.3 | 2023-12-07 | The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_option_value() function hook… |
CVE-2023-5712 | Medium | 4.3 | 2023-12-07 | The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_global_value() function hook… |
CVE-2023-5711 | Medium | 4.3 | 2023-12-07 | The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_php_info() function hooked v… |
CVE-2023-5710 | Medium | 4.3 | 2023-12-07 | The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_constants() function hooked… |