← Back

Brijeshk89

brijeshk89

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Smart Maintenance Mode
smart_maintenance_mode
2 CVEs
Ip Based Login
ip_based_login
2 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-12800
1Brijeshk89
1Ip Based Login
Jun 10, 2025
May 15, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The IP Based Login WordPress plugin before 2.4.1 does not sanitise values when importing, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html...Show more
The IP Based Login WordPress plugin before 2.4.1 does not sanitise values when importing, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less
CVE-2024-12683
1Brijeshk89
1Smart Maintenance Mode
May 6, 2025
Mar 26, 2025
N/A· v4
3.5 LOW· v3
N/A· v2
The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when th...Show more
The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less
CVE-2024-13118
1Brijeshk89
1Ip Based Login
May 6, 2025
Mar 25, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack
CVE-2024-12682
1Brijeshk89
1Smart Maintenance Mode
May 6, 2025
Mar 25, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when th...Show more
The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less