CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Dsgvo For Wp 1Dsgvo All In One For Wp May 23, 2025 Feb 4, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6. This is due to missing or incorrect nonce validation in the user_remove_form.php fil...Show more |
1Dsgvo For Wp 1Dsgvo All In One For Wp Sep 3, 2024 Aug 29, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a...Show more |
1Dsgvo For Wp 1Dsgvo All In One For Wp Apr 28, 2026 Apr 11, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Michael Leithold DSGVO All in one for WP.This issue affects DSGVO All in one for WP: from n/a through 4.3. |
1Dsgvo For Wp 1Dsgvo All In One For Wp Nov 21, 2024 Oct 3, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The DSGVO All in one for WP WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...Show more |