Skip to main content
CVE-2020-13486 MEDIUM PATCH This Month

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Knock Knock
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-13459 MEDIUM PATCH This Month

An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Image Resizer
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy