Bootstrapped Wp Recipe Maker — known CVE vulnerabilities
Every CVE whose affected-product data names Bootstrapped Wp Recipe Maker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2024-1206 — CVSS 8.8 (high): The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the 'recipes' parameter in all versions up to, and including…
CVE-2024-9650 — CVSS 6.5 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip’ parameter in all versions up…
CVE-2024-0255 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode…
CVE-2024-0381 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the…
CVE-2024-0382 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to…
CVE-2023-6958 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to…
CVE-2024-0383 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [wprm-recipe-instructions] and…
CVE-2024-0384 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and…
CVE-2024-3490 — CVSS 6.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wprm-recipe-roundup-item shortcode…
CVE-2023-6970 — CVSS 6.1 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to…
CVE-2024-0380 — CVSS 5.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon'…
CVE-2022-4468 — CVSS 5.4 (medium): The WP Recipe Maker WordPress plugin before 8.6.1 does not validate and escape some of its shortcode attributes before outputting them back…
CVE-2024-1571 — CVSS 4.4 (medium): The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to…