Skip to main content

Zotpress

4 CVEs product

Monthly

CVE-2024-7429 MEDIUM PATCH This Month

The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass WordPress Zotpress
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-46313 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zotpress
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-32961 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zotpress
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2016-1000217 CRITICAL POC THREAT Emergency

Zotpress plugin for WordPress SQLi in zp_get_account(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

WordPress SQLi Zotpress
NVD
CVSS 3.0
9.8
EPSS
11.4%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass WordPress Zotpress
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zotpress
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zotpress
NVD
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

Zotpress plugin for WordPress SQLi in zp_get_account(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

WordPress SQLi Zotpress
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy