Vulnerabilities in wpkube
16 resultsCVE-2021-4362CRITICALThe Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_EPSS 1.4%CVE-2024-4144MEDIUMSimple Basic Contact Form <= 20240502 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.7%CVE-2024-10952HIGHAuthors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajaxEPSS 0.6%CVE-2024-31249MEDIUMWordPress Subscribe To Comments Reloaded plugin <= 220725 - Sensitive Data Exposure vulnerabilityEPSS 0.5%CVE-2024-4150MEDIUMSimple Basic Contact Form <= 20221201 - Reflected Cross-Site ScriptingEPSS 0.5%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2024-3228MEDIUMSocial Sharing Plugin – Kiwi <= 2.1.7 - Information DisclosureEPSS 0.4%CVE-2022-29414MEDIUMWordPress Subscribe To Comments Reloaded plugin <= 211130 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2024-13806MEDIUMAuthors List <= 2.0.6 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2025-12010MEDIUMAuthors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's ShortcodeEPSS 0.3%CVE-2023-37981HIGHWordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2025-13614HIGHCool Tag Cloud <= 2.29 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-4409MEDIUMSubscribe To Comments Reloaded <= 240119 - Improper Authorization to Unauthenticated Arbitrary Subscription ManagementEPSS 0.2%CVE-2025-58790MEDIUMWordPress Kiwi Plugin <= 2.1.8 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2025-69011MEDIUMWordPress Cool Tag Cloud plugin <= 2.29 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-58792MEDIUMWordPress Authors List plugin <= 2.0.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%