HUSKY
RealMag777
Developer
1.3.8.1
Latest version
90,000
Installations
No date
Last updated
Vulnerability history
0 present
22 fixed
10 Mitigation rules
- Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_subscr' vulnerability<= 1.3.7.3Dec 18, 2025
- Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_query/woof_remove_query' vulnerability<= 1.3.7.2Dec 3, 2025
- Unauthenticated SQL Injection via `phrase` Parameter vulnerability<= 1.3.7.1Oct 28, 2025
- Local File Inclusion Vulnerability<= 1.3.7Jun 19, 2025
- Local File Inclusion vulnerability<= 1.3.6.4Mar 14, 2025
- Unauthenticated Local File Inclusion vulnerability<= 1.3.6.5Mar 10, 2025
- Reflected Cross-Site Scripting via really_curr_tax Parameter vulnerability<= 1.3.6.3Nov 19, 2024
- Insecure Direct Object Reference to Unsubscribe vulnerability<= 1.3.6.1Sep 24, 2024
- Privilege Escalation vulnerability<= 1.3.6.1Aug 7, 2024
- Unauthenticated Time-Based SQL Injection vulnerability<= 1.3.6Jul 16, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 1.3.5.3May 29, 2024
- Remote Code Execution (RCE) vulnerability<= 1.3.5.2Apr 17, 2024
- Authenticated (Admin+) Local File Inclusion vulnerability<= 1.3.5.2Apr 1, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 1.3.5.1Mar 28, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 1.3.5.1Mar 14, 2024
- Authenticated (Contributor+) SQL Injection vulnerability<= 1.3.5.2Mar 14, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 1.3.4.3Dec 22, 2023
- SQL Injection vulnerability<= 1.3.4.2Nov 27, 2023
- Broken Access Control vulnerability<= 1.3.4.2Nov 23, 2023
- Admin+ PHP Object Injection vulnerability< 1.3.2Jan 11, 2023
- Arbitrary File Upload Vulnerability<= 1.1.4.2Jul 8, 2017
- Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability<= 1.1.4Jul 8, 2017