Ithemes Security — known CVE vulnerabilities
Every CVE whose affected-product data names Ithemes Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
- CVE-2018-7433 — CVSS 7.5 (high): The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page.
- CVE-2018-12636 — CVSS 7.2 (high): The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via…