Inisev Enhanced_text_widget
3 CVEs affecting Inisev Enhanced_text_widget. Latest disclosed: 2024-03-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0559 | Medium | 6.5 | 2024-03-11 | The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which… |
CVE-2023-3977 | Medium | 4.3 | 2023-07-28 | Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on th… |
CVE-2023-0958 | Medium | 4.3 | 2023-07-28 | Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation fun… |