Filtered by vendor Mekshq
Subscriptions
Filtered by product Meks Video Importer
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-6599 | 2 Mekshq, Wordpress | 2 Meks Video Importer, Wordpress | 2024-11-21 | 4.3 Medium |
| The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajax_save_settings function in all versions up to, and including, 1.0.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin's API keys | ||||
| CVE-2023-25989 | 1 Mekshq | 10 Meks Audio Player, Meks Easy Ads Widget, Meks Easy Maps and 7 more | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup. | ||||
Page 1 of 1.