Codemenschen Gift Vouchers — known CVE vulnerabilities
Every CVE whose affected-product data names Codemenschen Gift Vouchers, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-16159 — CVSS 9.8 (critical): The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php…
CVE-2023-28662 — CVSS 9.8 (critical): The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection…
CVE-2024-13520 — CVSS 5.3 (medium): The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of…