Vulnerabilities (CVE)

Filtered by vendor Verbb Subscribe
Filtered by product Knock Knock
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13486 1 Verbb 1 Knock Knock 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
CVE-2020-13485 1 Verbb 1 Knock Knock 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.