Vulnerabilities (CVE)

Filtered by vendor Cleverplugins Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-47754 1 Cleverplugins 1 Delete Duplicate Posts 2024-02-28 N/A 9.8 CRITICAL
Missing Authorization vulnerability in Clever plugins Delete Duplicate Posts allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Delete Duplicate Posts: from n/a through 4.8.9.
CVE-2021-24747 1 Cleverplugins 1 Seo Booster 2024-02-28 6.5 MEDIUM 7.2 HIGH
The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections.