Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pray_for_me
(Projectcaruso)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-14 | CVE-2024-3965 | The Pray For Me WordPress plugin through 1.0.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | Pray_for_me | N/A | ||
| 2024-06-14 | CVE-2024-3966 | The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin | Pray_for_me | 6.1 |