Every CVE whose affected-product data names Winn Winn Guestbook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2009-4678 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote attackers to inject arbitrary web script or HTML…
CVE-2011-5026 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote…