Filtered by vendor Rafflepress
Subscriptions
Filtered by product Giveaways And Contests
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66064 | 2 Rafflepress, Wordpress | 3 Giveaways And Contests, Giveaways And Contests By Rafflepress, Wordpress | 2025-11-24 | 5.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Cross Site Request Forgery.This issue affects Giveaways and Contests by RafflePress: from n/a through <= 1.12.20. | ||||
| CVE-2025-12484 | 2 Rafflepress, Wordpress | 3 Giveaways And Contests, Giveaways And Contests By Rafflepress, Wordpress | 2025-11-20 | 7.2 High |
| The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple social media username parameters in all versions up to, and including, 1.12.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
Page 1 of 1.