Rednao CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-32603	1 Rednao	1 Smart Donations	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin <= 4.0.12 versions.
CVE-2022-0163	1 Rednao	1 Smart Forms	2024-11-21	6.5 Medium
The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form's data, which could include sensitive information such as PII depending on the form.
CVE-2019-5924	1 Rednao	1 Smart Forms	2024-11-21	8.8 High
Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page.

« first previous Page 2 of 2.