cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwp-spid-italia wp-spid-italia

Direction: descending
Jun 16, 2026

WP SPID Italia # 8e47b49f82b0505ac2a6ff60c7eaa2e7bf6393e0

CVE, Research URL

8e47b49f82b0505ac2a6ff60c7eaa2e7bf6393e0

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Feb 28, 2022
Research Description
WP SPID Italia [wp-spid-italia] < 2.3.5 WordPress WP SPID Italia plugin <= 2.3.4 - Sensitive Information Disclosure vulnerability Sensitive Information Disclosure vulnerability discovered in WordPress WP SPID Italia plugin (versions <= 2.3.4).
Affected versions
max 2.3.5.
Status
vulnerable

WP SPID Italia # 6d8910c719b2a132ec93828cd37e418b19cac960

CVE, Research URL

6d8910c719b2a132ec93828cd37e418b19cac960

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Mar 04, 2022
Research Description
WP SPID Italia [wp-spid-italia] < 2.3.5 Freemius SDK <= 2.4.2 - Missing Authorization Checks The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions
max 2.3.5.
Status
vulnerable
Jun 13, 2026

WP SPID Italia # CVE-2023-33999

CVE, Research URL

CVE-2023-33999

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Jun 11, 2026
Research Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
Affected versions
max 2.5.
Status
vulnerable
Jan 12, 2025

WP SPID Italia # CVE-2024-11758

CVE, Research URL

CVE-2024-11758

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Jan 11, 2025
Research Description
The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 2.12.
Status
vulnerable
Nov 15, 2024

WP SPID Italia # CVE-2022-4974

CVE, Research URL

CVE-2022-4974

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Oct 16, 2024
Research Description
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions
max 2.3.5.
Status
vulnerable
Jun 07, 2024

WP SPID Italia # 07b6f5b1abfa27bdefa8b033400ce823a6358ab0

CVE, Research URL

07b6f5b1abfa27bdefa8b033400ce823a6358ab0

Home page URL

Security reports for WP SPID Italia

Application

WP SPID Italia

Date
Feb 28, 2022
Research Description
WP SPID Italia [wp-spid-italia] < 2.3.5 WordPress WP SPID Italia plugin <= 2.3.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WP SPID Italia plugin (versions <= 2.3.4).
Affected versions
max 2.3.5.
Status
vulnerable