Projectcaruso Pray_for_me
2 CVEs affecting Projectcaruso Pray_for_me. Latest disclosed: 2024-06-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3966 | Medium | 6.1 | 2024-06-14 | The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripti… |
CVE-2024-3965 | Medium | 5.4 | 2024-06-14 | The Pray For Me WordPress plugin through 1.0.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in ad… |