Vulnerabilities (CVE)

Filtered by vendor Getigniteup Subscribe
Filtered by product Igniteup
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0898 1 Getigniteup 1 Igniteup 2024-11-21 3.5 LOW 5.4 MEDIUM
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues
CVE-2019-17237 1 Getigniteup 1 Igniteup 2024-11-21 6.8 MEDIUM 8.8 HIGH
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
CVE-2019-17236 1 Getigniteup 1 Igniteup 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.
CVE-2019-17235 1 Getigniteup 1 Igniteup 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure.
CVE-2019-17234 1 Getigniteup 1 Igniteup 2024-11-21 6.4 MEDIUM 7.5 HIGH
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.