Wp-buy CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-24188	1 Wp-buy	1 Wp Content Copy Protection \& No Right Click	2024-11-21	8.8 High
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.
CVE-2019-15832	1 Wp-buy	1 Visitor Traffic Real Time Statistics	2024-11-21	N/A
The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.
CVE-2019-15831	1 Wp-buy	1 Visitor Traffic Real Time Statistics	2024-11-21	N/A
The visitors-traffic-real-time-statistics plugin before 1.12 for WordPress has CSRF in the settings page.

« first previous Page 2 of 2.