wickedplugins
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting wickedplugins.
- CVE-2026-1883Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion4.3
- CVE-2023-0729Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_sort_order5.4
- CVE-2023-0726Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_edit_folder5.4
- CVE-2023-0722Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_state5.4
- CVE-2023-0684Wicked Folders <= 2.18.16 - Missing Authorization via ajax_unassign_folders5.4
- CVE-2023-0715Wicked Folders <= 2.18.16 - Missing Authorization on ajax_clone_folder5.4
- CVE-2023-0711Wicked Folders <= 2.18.16 - Missing Authorization via ajax_save_state5.4
- CVE-2023-0717Wicked Folders <= 2.18.16 - Missing Authorization via ajax_delete_folder5.4
- CVE-2023-0725Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_clone_folder5.4
- CVE-2023-0724Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_add_folder5.4
- CVE-2023-0685Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_unassign_folders5.4
- CVE-2023-0720Wicked Folders <= 2.18.16 - Missing Authorization on ajax_save_folder_order5.4
- CVE-2023-0716Wicked Folders <= 2.18.16 - Missing Authorization on ajax_edit_folder5.4
- CVE-2023-0718Wicked Folders <= 2.18.16 - Missing Authorization on ajax_save_folder5.4
- CVE-2023-0723Wicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_move_object5.4