Lucene search
+L

52 matches found

cnnvd
cnnvd
added 2025/09/29 12:0 a.m.12 views

WordPress plugin Postie 安全漏洞

WordPress Postie Plugin is a plugin that is mainly used for publishing posts via email. WordPress Postie Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker...

4.8CVSS6AI score0.00168EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/09/29 12:0 a.m.5 views

PT-2025-39812

Name of the Vulnerable Software and Affected Versions Postie WordPress plugin versions prior to 1.9.71 Description The software does not properly sanitize and escape certain settings, potentially allowing users with high privileges, such as administrators, to carry out Stored Cross-Site Scripting...

6.1CVSS5.3AI score0.00168EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/22 10:10 a.m.6 views

CVE-2019-20204

The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...

5.4CVSS6.9AI score0.03376EPSS
Exploits5References1
exploitpack
exploitpack
added 2020/01/16 12:0 a.m.118 views

WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting

WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software...

5CVSS5.2AI score0.03376EPSS
Exploits6
zdt
zdt
added 2020/01/16 12:0 a.m.186 views

WordPress Postie 1.9.40 Plugin - Persistent Cross-Site Scripting Exploit

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link:...

3.5CVSS5.4AI score0.03376EPSS
Exploits6
exploitdb
exploitdb
added 2020/01/16 12:0 a.m.452 views

WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting

Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...

5.4CVSS5.6AI score0.03376EPSS
Exploits6
packetstorm
packetstorm
added 2020/01/15 12:0 a.m.143 views

WordPress Postie 1.9.40 Cross Site Scripting

Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...

5CVSS5.4AI score0.03376EPSS
Exploits6
patchstack
patchstack
added 2020/01/06 12:0 a.m.12 views

WordPress Postie plugin <= 1.9.40 - Stored Cross-Site Scripting (XSS) and post submission spoofing vulnerabilities

Stored Cross-Site Scripting XSS and post submission spoofing vulnerabilities found by V1n1v131r4 in WordPress Postie plugin versions = 1.9.40. Solution 06.01.2020 - we were unable to find a patched version of this plugin...

1.5AI score
Exploits0References1Affected Software1
cnvd
cnvd
added 2020/01/06 12:0 a.m.6 views

WordPress Postie plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Postie is one of the plugins used to support posting using email. A cross-site scripting vulnerability in the WordPress Postie plugin c...

5.3CVSS6AI score0.02099EPSS
Exploits5References1
osv
osv
added 2020/01/02 2:16 p.m.3 views

CVE-2019-20204

The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...

5.4CVSS6.1AI score0.03376EPSS
Exploits5References5
nvd
nvd
added 2020/01/02 2:16 p.m.32 views

CVE-2019-20204

The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...

5.4CVSS5.5AI score0.03376EPSS
Exploits5References5
nvd
nvd
added 2020/01/02 2:16 p.m.31 views

CVE-2019-20203

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...

5.3CVSS5.3AI score0.02099EPSS
Exploits5References4
osv
osv
added 2020/01/02 2:16 p.m.0 views

CVE-2019-20203

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...

5.3CVSS6.1AI score
Exploits0References4
prion
prion
added 2020/01/02 2:16 p.m.23 views

Design/Logic Flaw

The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...

3.5CVSS5.5AI score0.03376EPSS
Exploits5References5Affected Software1
prion
prion
added 2020/01/02 2:16 p.m.19 views

Code injection

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...

5CVSS5.3AI score0.02099EPSS
Exploits5References4Affected Software1
wpvulndb
wpvulndb
added 2020/01/02 12:0 a.m.31 views

Postie <= 1.9.40 - Post Submission Spoofing & Stored XSS

"The Postie plugin for WordPress only allows posting of articles submitted by authorized users through a mailing list registered in the plugin settings. However through the email sender's spoofing technique, it was possible to bypass the plugin settings and publish a post as having been sent by a...

5CVSS1.6AI score0.03376EPSS
Exploits6References1Affected Software1
cnvd
cnvd
added 2020/01/02 12:0 a.m.4 views

WordPress Postie Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Postie is one of the plugins used to support posting using email. A cross-site scripting vulnerability exists in WordPress Postie versi...

5.4CVSS6.2AI score0.03376EPSS
Exploits5References1
cvelist
cvelist
added 2020/01/01 9:59 p.m.60 views

CVE-2019-20204

The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/ at the beginning and a crafted SVG element...

5.4AI score0.03376EPSS
Exploits5References5
cve
cve
added 2020/01/01 9:59 p.m.157 views

CVE-2019-20204

The CVE-2019-20204 entry concerns the WordPress Postie plugin, version 1.9.40. A cross-site scripting (XSS) vulnerability exists in this plugin that can be triggered by a crafted payload starting with jaVasCript:/* and an embedded SVG element, enabling execution of client‑side scripts in the cont...

5.4CVSS5.2AI score0.03376EPSS
Exploits5References5Affected Software1
cvelist
cvelist
added 2020/01/01 9:59 p.m.61 views

CVE-2019-20203

The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From information of an email message...

5.3AI score0.02099EPSS
Exploits5References4
Rows per page
Query Builder