Every CVE whose affected-product data names Squirrly Starbox, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-6806 — CVSS 6.4 (medium): The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Settings user profile fields in all versions up…
CVE-2024-0256 — CVSS 6.4 (medium): The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Profile Display Name and Social Settings in all…
CVE-2024-1273 — CVSS 6.1 (medium): The Starbox WordPress plugin before 3.5.0 does not sanitise and escape some parameters, which could allow users with a role as low as…
CVE-2024-8239 — CVSS 5.4 (medium): The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious…
CVE-2024-7955 — CVSS 4.8 (medium): The Starbox WordPress plugin before 3.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as…
CVE-2024-0366 — CVSS 4.3 (medium): The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…