Every CVE whose affected-product data names Motopress Getwid, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2023-1895 — CVSS 8.5 (high): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API…
CVE-2023-6042 — CVSS 7.5 (high): Any unauthenticated user may send e-mail from the site with any title or content to the admin
CVE-2024-10872 — CVSS 6.4 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `template-post-custom-field`…
CVE-2024-1948 — CVSS 6.4 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block content in all versions up…
CVE-2024-3588 — CVSS 6.4 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block in all…
CVE-2024-6489 — CVSS 5.3 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
CVE-2023-6963 — CVSS 5.3 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it…
CVE-2023-1910 — CVSS 4.3 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability…
CVE-2024-6491 — CVSS 4.3 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
CVE-2023-6959 — CVSS 4.3 (medium): The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…