Every CVE whose affected-product data names Themeboy Sportspress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-24578 — CVSS 6.1 (medium): The SportsPress WordPress plugin before 2.7.9 does not sanitise and escape its match_day parameter before outputting back in the Events…
CVE-2024-1178 — CVSS 5.3 (medium): The SportsPress – Sports Club & League Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing…
CVE-2024-3986 — CVSS 4.8 (medium): The SportsPress WordPress plugin before 2.7.22 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2024-34824 — CVSS 4.3 (medium): Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club…