Amtythumb Project Amtythumb — known CVE vulnerabilities
Every CVE whose affected-product data names Amtythumb Project Amtythumb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-1683 — CVSS 8.8 (high): The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode…
CVE-2017-17059 — CVSS 6.1 (medium): XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string…