Acurax
acurax
6 CVEs • 3 products
Products (3)
Click to collapseToggle
Products (3)
Click to collapse
CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Acurax 1Under Construction / Maintenance Mode Nov 21, 2024 Jun 10, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a thro...Show more |
1Acurax 1Under Construction / Maintenance Mode Apr 8, 2026 Feb 28, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenti...Show more |
1Acurax 1Under Construction / Maintenance Mode Apr 8, 2026 Feb 28, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acx_csma_subscribe_ajax' function. This can allow...Show more |
1Acurax 1Under Construction / Maintenance Mode Nov 21, 2024 Nov 16, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin <= 2.6 versions. |
1Acurax 1Floating Social Media Icon Nov 21, 2024 Nov 26, 2021 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating Social Media Icon plugin (versions <= 4.3.5) Social Media Configuration form. Requires high role user like admin. |
The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widge...Show more |