Gwolle Guestbook Project Gwolle Guestbook — known CVE vulnerabilities
Every CVE whose affected-product data names Gwolle Guestbook Project Gwolle Guestbook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2015-8351 — CVSS 9.0 (critical): PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled…
CVE-2018-17884 — CVSS 6.1 (medium): XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to…
CVE-2021-24980 — CVSS 6.1 (medium): The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it…
CVE-2017-20089 — CVSS 3.5 (low): A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing…