Byonepress Social Locker — known CVE vulnerabilities
Every CVE whose affected-product data names Byonepress Social Locker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-1608 — CVSS 6.5 (medium): The OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when updating its settings, which could allow…
CVE-2015-9425 — CVSS 5.4 (medium): The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=opanda-item&page=license…