Ngothang Wp_multitasking
8 CVEs affecting Ngothang Wp_multitasking. Latest disclosed: 2025-04-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6859 | Medium | 5.4 | 2024-09-08 | The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post w… |
CVE-2024-8189 | Medium | 4.4 | 2024-09-28 | The WP MultiTasking – WP Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpmt_menu_name’ parameter in all versions up to… |
CVE-2024-6860 | Medium | 4.3 | 2025-04-09 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its permalink suffix settings, which could allow attackers to make… |
CVE-2024-6857 | Medium | 4.3 | 2025-04-09 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its Header, Footer and Body Script Settings, which could allow atta… |
CVE-2024-6856 | Medium | 4.3 | 2024-09-08 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged… |
CVE-2024-6855 | Medium | 4.3 | 2024-09-08 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make logged admins perf… |
CVE-2024-6853 | Medium | 4.3 | 2024-09-08 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating welcome popups, which could allow attackers to make logged admins p… |
CVE-2024-6852 | Medium | 4.3 | 2024-09-08 | The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged… |