Vulnerabilities in MarketingFire
6 resultsCVE-2024-8672CRITICALWidget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code ExecutionEPSS 43.8%CVE-2026-2052HIGHWidget Options <= 4.2.2 - Authenticated (Contributor+) Remote Code Execution via Display LogicEPSS 0.8%CVE-2023-36520MEDIUMWordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.4%CVE-2024-35690MEDIUMWordPress Widget Options plugin <= 4.0.1 - Subscriber+ User Meta Data Exposure VulnerabilityEPSS 0.3%CVE-2025-8483MEDIUMDiscussion Board – WordPress Forum Plugin <= 2.5.5 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.2%CVE-2025-10580MEDIUMWidget Options – The #1 WordPress Widget & Block Control Plugin <= 4.1.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%