BadgeOS
N/A
Developer
N/A
Latest version
N/A
Installations
N/A
Last updated
Vulnerability history
5 present
2 fixed
2 Mitigation rules
- Broken Access Control vulnerability<= 3.7.1.6Nov 7, 2023
- Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Title Overwrite vulnerability<= 3.7.1.6Jul 6, 2023
- Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion vulnerability<= 3.7.1.6Jul 6, 2023
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 3.7.1.6Jul 6, 2023
- Multiple Cross-Site Request Forgery (CSRF) vulnerability<= 3.7.1.6Apr 18, 2023
- Authenticated SQL Injection (SQLi) vulnerability<= 3.7.1.2Aug 23, 2022
- Unauthenticated SQL Injection (SQLi) vulnerability<= 3.7.0Apr 13, 2022