Marcomilesi Wp Attachments — known CVE vulnerabilities
Every CVE whose affected-product data names Marcomilesi Wp Attachments, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-3469 — CVSS 4.8 (medium): The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its settings, which could allow high-privilege users…
CVE-2022-4330 — CVSS 4.8 (medium): The WP Attachments WordPress plugin before 5.0.6 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2023-45651 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi WP Attachments allows Cross Site Request Forgery.This issue affects WP…