Wpb Show Core Project Wpb Show Core — known CVE vulnerabilities
Every CVE whose affected-product data names Wpb Show Core Project Wpb Show Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-4922 — CVSS 9.8 (critical): The WPB Show Core WordPress plugin through 2.2 is vulnerable to a local file inclusion via the `path` parameter.
CVE-2023-5974 — CVSS 9.8 (critical): The WPB Show Core WordPress plugin through 2.2 is vulnerable to server-side request forgery (SSRF) via the `path` parameter.
CVE-2022-3484 — CVSS 6.1 (medium): The WPB Show Core WordPress plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected…
CVE-2024-1956 — CVSS 6.1 (medium): The wpb-show-core WordPress plugin before 2.7 does not sanitise and escape the parameters before outputting it back in the response of an…
CVE-2024-1958 — CVSS 4.8 (medium): The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a…
CVE-2024-1292 — CVSS 4.7 (medium): The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape some parameters before outputting them back in the page, leading…