Every CVE whose affected-product data names Goprayer Wp Prayer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-3406 — CVSS 8.8 (high): The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow…
CVE-2024-3405 — CVSS 7.6 (high): The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to…
CVE-2021-24313 — CVSS 5.4 (medium): The WP Prayer WordPress plugin before 1.6.2 provides the functionality to store requested prayers/praises and list them on a WordPress…
CVE-2024-3407 — CVSS 5.3 (medium): The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users…
CVE-2021-4412 — CVSS 4.3 (medium): The WP Prayer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to…