Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Yawpp
(Ostenta)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-20 | CVE-2015-9391 | The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter. | Yawpp | N/A | ||
| 2014-08-06 | CVE-2014-5182 | Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to (1) admin_functions.php or (2) admin_update.php, as demonstrated by the id parameter in the update action to wp-admin/admin.php. | Yawpp | N/A |