Mw Wp Form Project Mw Wp Form — known CVE vulnerabilities
Every CVE whose affected-product data names Mw Wp Form Project Mw Wp Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-28408 — CVSS 9.8 (critical): Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website…
CVE-2023-28409 — CVSS 9.8 (critical): Unrestricted upload of file with dangerous type exists in MW WP Form versions v4.4.2 and earlier, which may allow a remote unauthenticated…
CVE-2023-6316 — CVSS 9.8 (critical): The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the…