CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The Cool Timeline (Horizontal & Vertical Timeline) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctl...Show more |
2Coolplugins Cryptocurrency Payment & Donation Box Plugins10Cool Timeline Cryptocurrency Payment & Donation BoxCryptocurrency Widgets+7 moreJun 17, 2026 Jun 7, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a sub...Show more |