Ngothang Wp Multitasking — known CVE vulnerabilities
Every CVE whose affected-product data names Ngothang Wp Multitasking, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-6859 — CVSS 5.4 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2024-8189 — CVSS 4.4 (medium): The WP MultiTasking – WP Utilities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpmt_menu_name’…
CVE-2024-6855 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make…
CVE-2024-6856 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow…
CVE-2024-6852 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when updating its settings, which could allow…
CVE-2024-6860 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its permalink suffix settings, which could allow…
CVE-2024-6857 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its Header, Footer and Body Script Settings…
CVE-2024-6853 — CVSS 4.3 (medium): The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating welcome popups, which could allow attackers to…