Sermon Browser Project

sermon_browser_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Sermon Browser

sermon_browser

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0499 1Sermon Browser Project 1Sermon Browser Jun 17, 2026 Mar 28, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary fil...Show more The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones.Show less
CVE-2016-10897 1Sermon Browser Project 1Sermon Browser Nov 21, 2024 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-0499

1Sermon Browser Project

1Sermon Browser

Jun 17, 2026

Mar 28, 2022

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary fil...Show more

CVE-2016-10897

1Sermon Browser Project

1Sermon Browser

Nov 21, 2024

Aug 21, 2019

N/A· v4

6.1 MEDIUM· v3

4.3 MEDIUM· v2

The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues.