← Back

Sedlex

sedlex

6 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Simple Quotation
simple_quotation
2 CVEs
Traffic Manager
traffic_manager
2 CVEs
Favicon Switcher
favicon-switcher
1 CVE
Image Zoom
image_zoom
1 CVE

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-41695
1Sedlex
1Traffic Manager
Apr 28, 2026
Jan 17, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in SedLex Traffic Manager.This issue affects Traffic Manager: from n/a through 1.4.5.
CVE-2022-41619
1Sedlex
1Image Zoom
Apr 28, 2026
Jan 17, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through 1.8.8.
CVE-2022-42460
1Sedlex
1Traffic Manager
Nov 21, 2024
Nov 10, 2022
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic Manager plugin <= 1.4.5 on WordPress.
CVE-2022-40219
1Sedlex
1Favicon Switcher
Apr 28, 2026
Sep 21, 2022
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Switcher plugin <= 1.2.11 at WordPress allows plugin settings change.
CVE-2022-22735
1Sedlex
1Simple Quotation
Nov 21, 2024
Mar 14, 2022
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks in various of its AJAX actions and is lacking escaping of user data when using it in SQL statements, allowing any authenti...Show more
The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks in various of its AJAX actions and is lacking escaping of user data when using it in SQL statements, allowing any authenticated users, such as subscriber to perform SQL injection attacksShow less
CVE-2022-22734
1Sedlex
1Simple Quotation
Nov 21, 2024
Mar 14, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admin create or edit arb...Show more
The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admin create or edit arbitrary quote, and put Cross-Site Scripting payloads in themShow less