Skip to main content

Cool Timeline

2 CVEs product

Monthly

CVE-2020-36738 MEDIUM POC PATCH This Month

The Cool Timeline (Horizontal & Vertical Timeline) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress CSRF Cool Timeline
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2022-4950 HIGH PATCH This Week

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

RCE WordPress Authentication Bypass Cool Timeline Cryptocurrency Widgets +9
NVD VulDB
CVSS 3.1
8.8
EPSS
5.4%
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

The Cool Timeline (Horizontal & Vertical Timeline) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress CSRF Cool Timeline
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

RCE WordPress Authentication Bypass +11
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy