Skip to main content

Wp Cerber Security Anti Spam Malware Scan

3 CVEs product

Monthly

CVE-2022-4712 HIGH This Week

The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Wp Cerber Security Anti Spam Malware Scan
NVD VulDB
CVSS 3.1
7.2
EPSS
1.8%
CVE-2022-2939 MEDIUM PATCH This Month

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure WordPress PHP Wp Cerber Security Anti Spam Malware Scan
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-0429 MEDIUM POC This Month

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Cerber Security Anti Spam Malware Scan
NVD WPScan
CVSS 3.1
6.1
EPSS
1.4%
EPSS 2% CVSS 7.2
HIGH This Week

The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the log parameter when logging in to the site in versions up to, and including, 9.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Wp Cerber Security Anti Spam Malware Scan
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure WordPress PHP +1
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Wp Cerber Security Anti Spam Malware Scan
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy