Skip to main content

Cooked

10 CVEs product

Monthly

CVE-2024-41816 MEDIUM POC PATCH This Month

Cooked is a recipe plugin for WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress XSS Cooked
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-39682 MEDIUM POC This Month

Cooked is a recipe plugin for WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection WordPress Cooked
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-39681 HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-39680 HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-39679 HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-39678 HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-37308 MEDIUM POC PATCH This Month

The Cooked Pro recipe plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the `_recipe_settings[post_title]` parameter in versions up to, and including, 1.7.15.4 due to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress XSS Cooked
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-44477 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cooked
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-3900 CRITICAL POC THREAT Act Now

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP WordPress Cooked
NVD WPScan
CVSS 3.1
9.8
EPSS
19.0%
CVE-2021-24233 MEDIUM POC This Month

The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Cooked
NVD WPScan
CVSS 3.1
6.1
EPSS
1.7%
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cooked is a recipe plugin for WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress XSS Cooked
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Cooked is a recipe plugin for WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection WordPress Cooked
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Cooked is a recipe plugin for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Cooked
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

The Cooked Pro recipe plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the `_recipe_settings[post_title]` parameter in versions up to, and including, 1.7.15.4 due to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress XSS Cooked
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cooked
NVD
EPSS 19% CVSS 9.8
CRITICAL POC THREAT Act Now

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipe_args parameter before unserializing it in the cooked_loadmore action, allowing an unauthenticated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP WordPress +1
NVD WPScan
EPSS 2% CVSS 6.1
MEDIUM POC This Month

The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Cooked
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy