Theluckywp Luckywp_table_of_contents

6 CVEs affecting Theluckywp Luckywp_table_of_contents. Latest disclosed: 2025-04-03. Critical: 0, High: 0.

Top CVEs affecting Theluckywp Luckywp_table_of_contents
CVESeverityScorePublishedSummary
CVE-2025-2299Medium6.12025-04-03The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10. This is due to mis…
CVE-2024-2119Medium6.12024-05-22The LuckyWP Table of Contents plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the attrs parameter in all versions up to, and including…
CVE-2024-2953Medium5.52024-05-22The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 2.1.4…
CVE-2024-9641Medium4.82024-12-12The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as a…
CVE-2024-2218Medium4.62024-06-14The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as…
CVE-2023-6487Medium4.42024-05-22The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Header Title' field in all versions up to and includin…