Skip to main content

Cryptocurrency Widgets

4 CVEs product

Monthly

CVE-2024-43304 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cool Plugins Cryptocurrency Widgets - Price Ticker & Coins List allows Reflected XSS.8.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cryptocurrency Widgets
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-27953 MEDIUM This Month

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets - Price Ticker & Coins List.6.8. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cryptocurrency Widgets
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-0709 HIGH PATCH This Week

The Cryptocurrency Widgets - Price Ticker & Coins List plugin for WordPress is vulnerable to SQL Injection via the 'coinslist' parameter in versions 2.0 to 2.6.5 due to insufficient escaping on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress Cryptocurrency Widgets
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-4950 HIGH PATCH This Week

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

RCE WordPress Authentication Bypass Cool Timeline Cryptocurrency Widgets +9
NVD VulDB
CVSS 3.1
8.8
EPSS
5.4%
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cool Plugins Cryptocurrency Widgets - Price Ticker & Coins List allows Reflected XSS.8.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cryptocurrency Widgets
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets - Price Ticker & Coins List.6.8. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cryptocurrency Widgets
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The Cryptocurrency Widgets - Price Ticker & Coins List plugin for WordPress is vulnerable to SQL Injection via the 'coinslist' parameter in versions 2.0 to 2.6.5 due to insufficient escaping on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress Cryptocurrency Widgets
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

RCE WordPress Authentication Bypass +11
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy