CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Gwolle Guestbook Project 1Gwolle Guestbook Nov 21, 2024 Jun 23, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The attack may be initiated...Show more |
1Gwolle Guestbook Project 1Gwolle Guestbook Nov 21, 2024 Dec 27, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin...Show more |
1Gwolle Guestbook Project 1Gwolle Guestbook Nov 21, 2024 Oct 2, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php |
1Gwolle Guestbook Project 1Gwolle Guestbook May 13, 2026 Sep 11, 2017 N/A· v4 9.0 CRITICAL· v3 6.8 MEDIUM· v2 PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspa...Show more |