Themeboy Sportspress

5 CVEs affecting Themeboy Sportspress. Latest disclosed: 2024-07-30. Critical: 0, High: 0.

Top CVEs affecting Themeboy Sportspress
CVESeverityScorePublishedSummary
CVE-2021-24578Medium6.12021-12-21The SportsPress WordPress plugin before 2.7.9 does not sanitise and escape its match_day parameter before outputting back in the Events backend page, leading t…
CVE-2020-13892Medium5.42020-06-09The SportsPress plugin before 2.7.2 for WordPress allows XSS.
CVE-2024-1178Medium5.32024-03-05The SportsPress – Sports Club & League Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2024-3986Medium4.82024-07-30The SportsPress WordPress plugin before 2.7.22 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perf…
CVE-2024-34824Medium4.32024-06-11Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club & League Manager: from…