cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-4366,https://securityvulnerability.io/vulnerability/CVE-2021-4366,Authorization Bypass Vulnerability in PWA for WP & AMP Plugin by WordPress,"The PWA for WP & AMP plugin in WordPress is vulnerable to an authorization bypass due to a lack of capability checks in the pwaforwp_update_features_options function for versions up to and including 1.7.32. This vulnerability allows authenticated attackers to manipulate settings that are typically restricted, potentially compromising the security of the application and the integrity of its configurations.",Wordpress,Pwa For WP & Amp,6.3,MEDIUM,0.0008999999845400453,false,,false,false,false,,false,false,2023-06-07T01:51:36.574Z,0
CVE-2021-4354,https://securityvulnerability.io/vulnerability/CVE-2021-4354,Arbitrary File Upload Vulnerability in PWA for WP & AMP Plugin by WordPress,"The PWA for WP & AMP plugin for WordPress is susceptible to an arbitrary file upload vulnerability due to inadequate file type validation within the pwaforwp_splashscreen_uploader function. Attackers with authentication may exploit this flaw to upload malicious files onto the server hosting the affected sites. This could potentially lead to remote code execution, compromising the integrity and security of the website.",Wordpress,Pwa For WP & Amp,8.8,HIGH,0.013919999822974205,false,,false,false,false,,false,false,2023-06-07T01:51:22.946Z,0