← Back

Pray For Me

pray_for_me

Vendor: Projectcaruso • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-3966
1Projectcaruso
1Pray For Me
Jun 17, 2026
Jun 14, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Reque...Show more
The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP AdminShow less
CVE-2024-3965
1Projectcaruso
1Pray For Me
Jun 17, 2026
Jun 14, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Pray For Me WordPress plugin through 1.0.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack