Squirrly Starbox

6 CVEs affecting Squirrly Starbox. Latest disclosed: 2024-09-30. Critical: 0, High: 0.

Top CVEs affecting Squirrly Starbox
CVESeverityScorePublishedSummary
CVE-2023-6806Medium6.42024-02-29The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Settings user profile fields in all versions up to, and including, 3…
CVE-2024-0256Medium6.42024-02-07The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Profile Display Name and Social Settings in all versions up to, and inclu…
CVE-2024-1273Medium6.12024-03-11The Starbox WordPress plugin before 3.5.0 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cr…
CVE-2024-8239Medium5.42024-09-30The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages…
CVE-2024-7955Medium4.82024-09-10The Starbox WordPress plugin before 3.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform S…
CVE-2024-0366Medium4.32024-02-05The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via…