← Back

Mainwp Child Reports

mainwp_child_reports

Vendor: Mainwp • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-33680
1Mainwp
1Mainwp Child Reports
Jun 17, 2026
Apr 26, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue affects MainWP Child Reports: from n/a through 2.1.1.
CVE-2021-24754
1Mainwp
1Mainwp Child Reports
Jun 17, 2026
Oct 18, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
The MainWP Child Reports WordPress plugin before 2.0.8 does not validate or sanitise the order parameter before using it in a SQL statement in the admin dashboard, leading to an SQL injection issue