Infinitumform Geo Controller — known CVE vulnerabilities
Every CVE whose affected-product data names Infinitumform Geo Controller, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-3591 — CVSS 6.5 (medium): The Geo Controller WordPress plugin before 8.6.5 unserializes user input via some of its AJAX actions and REST API routes, which could…
CVE-2024-7381 — CVSS 5.3 (medium): The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability…
CVE-2024-7380 — CVSS 4.3 (medium): The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the…