Kaswara Project Kaswara — known CVE vulnerabilities
Every CVE whose affected-product data names Kaswara Project Kaswara, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24284 — CVSS 9.8 (critical): The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX…
CVE-2021-4448 — CVSS 7.3 (high): The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.0.1 due to…