Wp Delicious
Monthly
Missing authorization in WP Delicious WordPress plugin versions up to 1.9.5 enables unauthenticated remote attackers to bypass access controls and read sensitive information due to incorrectly configured access restrictions. The vulnerability allows unauthorized information disclosure with low CVSS impact (5.3) but affects a widely deployed WordPress plugin; exploitation likelihood is minimal (EPSS 0.02%, percentile 4%) and no public exploit code has been identified.
The WP Delicious - Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes - WordPress Recipe Plugin allows Stored XSS.6.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing authorization in WP Delicious WordPress plugin versions up to 1.9.5 enables unauthenticated remote attackers to bypass access controls and read sensitive information due to incorrectly configured access restrictions. The vulnerability allows unauthorized information disclosure with low CVSS impact (5.3) but affects a widely deployed WordPress plugin; exploitation likelihood is minimal (EPSS 0.02%, percentile 4%) and no public exploit code has been identified.
The WP Delicious - Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes - WordPress Recipe Plugin allows Stored XSS.6.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.