Inisev Enhanced_text_widget

3 CVEs affecting Inisev Enhanced_text_widget. Latest disclosed: 2024-03-11. Critical: 0, High: 0.

Top CVEs affecting Inisev Enhanced_text_widget
CVESeverityScorePublishedSummary
CVE-2024-0559Medium6.52024-03-11The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which…
CVE-2023-3977Medium4.32023-07-28Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on th…
CVE-2023-0958Medium4.32023-07-28Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation fun…