Goprayer Wp_prayer

6 CVEs affecting Goprayer Wp_prayer. Latest disclosed: 2024-05-15. Critical: 0, High: 2.

Top CVEs affecting Goprayer Wp_prayer
CVESeverityScorePublishedSummary
CVE-2024-3406High8.82024-05-15The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged i…
CVE-2024-3405High7.62024-05-15The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admi…
CVE-2023-25705Medium5.92023-04-07Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Go Prayer WP Prayer plugin <= 1.9.6 versions.
CVE-2021-24313Medium5.42021-06-01The WP Prayer WordPress plugin before 1.6.2 provides the functionality to store requested prayers/praises and list them on a WordPress website. These stored pr…
CVE-2024-3407Medium5.32024-05-15The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted act…
CVE-2021-4412Medium4.32023-07-12The WP Prayer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect non…