Tipsandtricks-Hq: >> Software License Manager >> 4.4.7 Security Vulnerabilities
The del_reistered_domains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF checks, and is vulnerable to a CSRF attack
CVSS Score
8.8
EPSS Score
0.001
Published
2021-10-11
The Software License Manager WordPress plugin before 4.4.8 does not sanitise or escape the edit_record parameter before outputting it back in the page in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
CVSS Score
6.1
EPSS Score
0.002
Published
2021-09-13