Weather Effect

weather_effect

Vendor: Awplife • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-24709 1Awplife 1Weather Effect Jun 17, 2026 Oct 11, 2021 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like _size_leaf, _flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting issues
CVE-2021-24683 1Awplife 1Weather Effect Jun 17, 2026 Oct 11, 2021 N/A· v4 5.4 MEDIUM· v3 4.3 MEDIUM· v2 The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue.