CVEDB API

Vulnerabilities

Vulnerable Software

Atarim: >> Atarim Security Vulnerabilities

CVE-2024-12104

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wpf_delete_file functions in all versions up to, and including, 4.0.9. This makes it possible for unauthenticated attackers to delete project pages and files. CVE-2025-22657 may be a duplicate of this issue.

CVSS Score

5.3

EPSS Score

0.004

Published

2025-01-21

CVE-2024-37434

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim atarim-visual-collaboration.This issue affects Atarim: from n/a through <= 3.31.

CVSS Score

5.9

EPSS Score

0.001

Published

2024-07-22

CVE-2023-47544

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions.

CVSS Score

7.1

EPSS Score

0.002

Published

2023-11-14

CVE-2023-37393

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.

CVSS Score

7.1

EPSS Score

0.001

Published

2023-09-04

Page 1

Vulnerabilities

Vulnerable Software

Atarim: >> Atarim Security Vulnerabilities

Products

Pricing

Contact Us