Every CVE whose affected-product data names Tri Gigpress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-0381 — CVSS 8.8 (high): The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL…
CVE-2015-9353 — CVSS 7.2 (high): The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.
CVE-2015-4066 — CVSS 6.5 (medium): Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated…
CVE-2022-4759 — CVSS 5.4 (medium): The GigPress WordPress plugin before 2.3.28 does not validate and escape some of its shortcode attributes before outputting them back in a…
CVE-2023-7233 — CVSS 4.8 (medium): The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings, which could allow high privilege users such…