Getigniteup: >> Igniteup >> 1.0.5 Security Vulnerabilities
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues
CVSS Score
5.4
EPSS Score
0.002
Published
2022-05-09
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.
CVSS Score
7.5
EPSS Score
0.233
Published
2019-11-12
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure.
CVSS Score
5.3
EPSS Score
0.006
Published
2019-11-12
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-12
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-11-12