Lucene search
K

225 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:50 a.m.9 views

CVE-2024-53818

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through = 4.1.15...

6.5CVSS7.2AI score0.0034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:17 a.m.5 views

CVE-2024-50443

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through = 4.1.12...

6.5CVSS5.9AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:28 a.m.6 views

CVE-2023-36385

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin = 2.9.9 versions...

7.1CVSS7AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.9 views

CVE-2021-24660

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's shortcode...

5.4CVSS6AI score0.00517EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.7 views

CVE-2021-24659

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the plugin's block...

5.4CVSS6AI score0.0053EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:21 p.m.9 views

CVE-2021-24661

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates Addon enabled, allows users with Contributor roles or higher to read password-protected or private post contents the user is otherwise unable to read, given the post ID...

4.3CVSS6.6AI score0.00739EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/30 10:21 a.m.20 views

CVE-2025-31096

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through = 4.1.25...

6.5CVSS7.2AI score0.00193EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/28 10:35 a.m.4 views

WordPress PostX plugin <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin PostX versions = 4.1.25...

6.5CVSS6.2AI score0.00193EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/28 10:15 a.m.17 views

CVE-2025-31096

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through = 4.1.25...

6.5CVSS0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/28 9:39 a.m.10 views

CVE-2025-31096 WordPress PostX <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX allows DOM-Based XSS. This issue affects PostX: from n/a through 4.1.25...

6.5CVSS7.1AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 9:39 a.m.25 views

CVE-2025-31096 WordPress PostX plugin <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through = 4.1.25...

6.5CVSS0.00193EPSS
Exploits0References1
CVE
CVE
added 2025/03/28 9:39 a.m.53 views

CVE-2025-31096

CVE-2025-31096 affects WordPress PostX (Post Grid Gutenberg Blocks) plugin. The WordPress plugin PostX versions up to 4.1.25 are vulnerable to a Cross-Site Scripting (Stored) flaw via inputs generated during web page rendering, enabling XSS in authenticated contexts. Remediation: upgrade to PostX...

6.5CVSS7.2AI score0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.6 views

WordPress plugin PostX 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.5CVSS7.9AI score0.00193EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 6:15 a.m.11 views

CVE-2024-5326

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postxpresetscallback' function in all versions up to, and including, 4.1.2. This makes it possible for authenticated...

8.8CVSS6.4AI score0.01426EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:59 a.m.10 views

CVE-2024-10728

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'installrequiredplugincallback' function in all versions up to, and including, 4.1.16. This makes it possible...

8.8CVSS8.7AI score0.36493EPSS
Exploits1References1
NVD
NVD
added 2024/12/09 1:15 p.m.21 views

CVE-2024-53818

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through = 4.1.15...

6.5CVSS0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 12:54 p.m.24 views

CVE-2024-53818 WordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through = 4.1.15...

6.5CVSS0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 12:54 p.m.12 views

CVE-2024-53818 WordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through = 4.1.15...

6.5CVSS8.6AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 12:54 p.m.55 views

CVE-2024-53818

PostX (Post Grid) WordPress plugin

6.5CVSS7.2AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

WordPress plugin PostX 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.5CVSS7.8AI score0.0034EPSS
Exploits0References1
Rows per page
Query Builder