Brechtvds Wp Recipe Maker
17 CVEs affecting Brechtvds Wp Recipe Maker. Latest disclosed: 2026-02-27. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1206 | High | 8.8 | 2024-02-29 | The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the 'recipes' parameter in all versions up to, and including, 9.1.2 due to insuffic… |
CVE-2024-9650 | Medium | 6.5 | 2024-10-24 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up to, and including, 9.6.1 d… |
CVE-2025-14385 | Medium | 6.4 | 2025-12-17 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' parameter in all versions up to, and including, 10.2.3 due… |
CVE-2025-1503 | Medium | 6.4 | 2025-03-13 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Roundup Recipe Name field in all versions up to, and including, 9… |
CVE-2024-0383 | Medium | 6.4 | 2024-06-19 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [wprm-recipe-instructions] and [wprm-recipe-ingredients]… |
CVE-2024-3490 | Medium | 6.4 | 2024-05-02 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wprm-recipe-roundup-item shortcode in all versions up to… |
CVE-2024-0384 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and including, 9.1.0 due to insuf… |
CVE-2024-0382 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0… |
CVE-2024-0255 | Medium | 6.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode in all versions up to… |
CVE-2024-0381 | Medium | 6.4 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-d… |
CVE-2023-6958 | Medium | 6.4 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0… |
CVE-2023-6970 | Medium | 6.1 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 d… |
CVE-2024-0380 | Medium | 5.4 | 2024-02-05 | The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shor… |
CVE-2026-1558 | Medium | 5.3 | 2026-02-27 | The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference (IDOR) in versions up to, and including, 10.3.2. This is due to t… |
CVE-2024-1571 | Medium | 4.4 | 2024-04-09 | The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1… |
CVE-2025-14742 | Medium | 4.3 | 2026-02-25 | The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_search_recipes' and 'ajax_… |
CVE-2025-15527 | Medium | 4.3 | 2026-01-16 | The WP Recipe Maker plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 10.2.2 via the api_get_post_summary function d… |