CiviCRM

Vulnerabilities 2Slug civicrm

Minimum safe version

5.28.1

Update to 5.28.1 or later to address 2 fixable vulnerabilities

Medium 4.3
2021-06-22< 5.28.1

CiviCRM < 5.28.1 - Cross-Site Request Forgery to Cross-Site Scripting

WordfenceCVEWPScan
High 8.8
2021-06-22< 5.24.3

WordPress CiviCRM plugin <= 5.24.2 - Authenticated Phar Deserialization vulnerability

PatchstackCVEWPScan