Every CVE whose affected-product data names Wpvnteam Wp Extra, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-46623 — CVSS 9.9 (critical): Improper Control of Generation of Code ('Code Injection') vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through…
CVE-2023-5311 — CVSS 8.8 (high): The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the register()…
CVE-2023-46212 — CVSS 6.3 (medium): Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra allows Accessing Functionality Not Properly…
CVE-2023-5314 — CVSS 4.3 (medium): The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the…