Php Everywhere Project Php Everywhere — known CVE vulnerabilities
Every CVE whose affected-product data names Php Everywhere Project Php Everywhere, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-24663 — CVSS 9.9 (critical): PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by…
CVE-2022-24664 — CVSS 9.9 (critical): PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by…
CVE-2022-24665 — CVSS 9.9 (critical): PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able…
CVE-2021-23227 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 versions.