Every CVE whose affected-product data names Awin Awin Data Feed, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-1937 — CVSS 6.1 (medium): The Awin Data Feed WordPress plugin before 1.8 does not sanitise and escape a parameter before outputting it back via an AJAX action…
CVE-2022-1938 — CVSS 5.4 (medium): The Awin Data Feed WordPress plugin before 1.8 does not sanitise and escape a header when processing request to generate analytics data…