Every CVE whose affected-product data names 2code Wpqa Builder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-2376 — CVSS 8.8 (high): The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in…
CVE-2022-3688 — CVSS 8.8 (high): The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to…
CVE-2022-1597 — CVSS 6.1 (medium): The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer , does not sanitise and escape a parameter on its…
CVE-2022-1051 — CVSS 5.4 (medium): The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the…
CVE-2024-2375 — CVSS 5.4 (medium): The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider settings, which could allow high privilege…
CVE-2022-1598 — CVSS 5.3 (medium): The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint…
CVE-2022-2198 — CVSS 4.3 (medium): The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before…
CVE-2022-1425 — CVSS 4.3 (medium): The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the…
CVE-2022-1349 — CVSS 4.3 (medium): The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the value…
CVE-2022-3343 — CVSS 3.5 (low): The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly…