Geomywp: >> Geo My Wordpress >> 4.0.1 Security Vulnerabilities
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
CVSS Score
6.6
EPSS Score
0.001
Published
2024-11-22
The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.
CVSS Score
9.8
EPSS Score
0.37
Published
2024-08-19
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.0.2.
CVSS Score
7.6
EPSS Score
0.001
Published
2023-12-31