Mm-breaking_news_project Mm-breaking_news
2 CVEs affecting Mm-breaking_news_project Mm-breaking_news. Latest disclosed: 2024-09-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-8056 | Medium | 6.1 | 2024-09-12 | The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which coul… |
CVE-2024-8054 | Medium | 6.1 | 2024-09-12 | The MM-Breaking News WordPress plugin through 0.7.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow… |