Vulnerability history

Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter vulnerability

Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag' vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' vulnerability

Broken Access Control vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Insecure Direct Object Reference to Sensitive Information Exposure vulnerability

Content Injection vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'tooltip' vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via wprm-recipe-roundup-item Shortcode vulnerability

Authenticated Stored Cross-Site Scripting via Video Embed vulnerability

Missing Authorization to Authenticated (Subscriber+) SQL Injecton vulnerability

Directory Traversal vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting via Referer vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Recipe Notes vulnerability

Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via header_tag vulnerability

Contributor+ Stored XSS vulnerability