Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-04-03

CVE-2024-1642 - Mainwp Dashboard Plugin

The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'posting_bulk' function. This makes it possible for unauthenticated attackers to delete arbitrary posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

PLUGIN Mainwp Dashboard

CVE-2024-1642

MEDIUM CVSS 4.3 2024-03-13

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2023-38519 - Mainwp Dashboard Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3.

PLUGIN Mainwp Dashboard

CVE-2023-38519

HIGH CVSS 7.6 2023-12-20

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-1642 - Mainwp Dashboard Plugin

CVE-2023-38519 - Mainwp Dashboard Plugin

Company Links

Contact Us