Vulnerabilities (CVE)

Filtered by vendor Flothemes Subscribe
Filtered by product Flo-launch
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0541 1 Flothemes 1 Flo-launch 2024-11-21 7.5 HIGH 9.8 CRITICAL
The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value.