Vulnerabilities (CVE)

Filtered by vendor Codemenschen Subscribe
Filtered by product Gift Vouchers
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28662 1 Codemenschen 1 Gift Vouchers 2024-02-28 N/A 9.8 CRITICAL
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.
CVE-2018-16159 1 Codemenschen 1 Gift Vouchers 2024-02-28 7.5 HIGH 9.8 CRITICAL
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.