Magazine3 Pwa_for_wp_\&_amp

4 CVEs affecting Magazine3 Pwa_for_wp_\&_amp. Latest disclosed: 2025-05-15. Critical: 0, High: 1.

Top CVEs affecting Magazine3 Pwa_for_wp_\&_amp
CVESeverityScorePublishedSummary
CVE-2021-4354High8.82023-06-07The PWA for WP & AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader function i…
CVE-2021-4366Medium6.32023-06-07The PWA for WP & AMP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the pwaforwp_update_features_options func…
CVE-2024-7759Medium4.82025-05-15The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfo…
CVE-2024-47318Medium4.32024-11-01Missing Authorization vulnerability in Magazine3 PWA for WP & AMP pwa-for-wp.This issue affects PWA for WP & AMP: from n/a through <= 1.7.72.