Boxystudio Cooked

11 CVEs affecting Boxystudio Cooked. Latest disclosed: 2024-10-20. Critical: 1, High: 0.

Top CVEs affecting Boxystudio Cooked
CVESeverityScorePublishedSummary
CVE-2022-3900Critical9.82022-12-12The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore…
CVE-2023-44477Medium6.52023-10-02Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <= 1.7.13 versions.
CVE-2024-39682Medium6.42024-07-18Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.7.15.4 due to insu…
CVE-2021-24233Medium6.12021-04-22The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user inpu…
CVE-2024-41816Medium5.42024-08-05Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the ‘[cooked-timer]’ shortc…
CVE-2024-39681Medium5.42024-07-18Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to, and including, 1…
CVE-2024-39680Medium5.42024-07-18Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to, and including, 1…
CVE-2024-37308Medium5.42024-06-13The Cooked Pro recipe plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the `_recipe_settings[post_title]` parameter in versions…
CVE-2024-49290Medium4.32024-10-20Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1…
CVE-2024-39679Medium4.32024-07-18Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to, and including, 1…
CVE-2024-39678Medium4.32024-07-18Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to, and including, 1.7.15.4 due to…