Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-47144 | 1 Frenify | 1 Mediamatic | 2024-02-04 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions. | |||||
CVE-2021-24848 | 1 Frenify | 1 Mediamatic | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection |