Armandofiore Fl3r Feelbox — known CVE vulnerabilities
Every CVE whose affected-product data names Armandofiore Fl3r Feelbox, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-4445 — CVSS 9.8 (critical): The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an…
CVE-2022-4552 — CVSS 6.1 (medium): The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as…
CVE-2022-4553 — CVSS 4.3 (medium): The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating reseting moods which could allow attackers to make…