Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2023-28931
Disclosure Date: August 08, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions.
0
Attacker Value
Unknown
CVE-2022-3506
Disclosure Date: October 14, 2022 (last updated October 08, 2023)
Cross-site Scripting (XSS) - Stored in GitHub repository barrykooij/related-posts-for-wp prior to 2.1.3.
0
Attacker Value
Unknown
CVE-2021-24482
Disclosure Date: July 19, 2021 (last updated November 08, 2023)
The Related Posts for WordPress plugin through 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.
0
Attacker Value
Unknown
CVE-2021-24180
Disclosure Date: April 05, 2021 (last updated November 28, 2024)
Unvalidated input and lack of output encoding within the Related Posts for WordPress plugin before 2.0.4 lead to a Reflected Cross-Site Scripting (XSS) vulnerability within the 'lang' GET parameter while editing a post, triggered when users with the capability of editing posts access a malicious URL.
0
Attacker Value
Unknown
CVE-2015-9362
Disclosure Date: August 28, 2019 (last updated November 27, 2024)
The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().
0
Attacker Value
Unknown
CVE-2015-9361
Disclosure Date: August 28, 2019 (last updated November 27, 2024)
The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().
0
Attacker Value
Unknown
CVE-2015-9296
Disclosure Date: August 13, 2019 (last updated November 27, 2024)
The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg.
0
