CVE-2023-0212

The Advanced Recent Posts WordPress plugin through 0.6.14 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVE-2023-35778

Cross-Site Request Forgery CSRF vulnerability in Neha Goel Recent Posts Slider plugin = 1.1 versions...

CVE-2023-35043

Unauth. Stored Cross-Site Scripting XSS vulnerability in Neha Goel Recent Posts Slider plugin = 1.1 versions...

CVE-2024-54403

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oktoberfive Visual Recent Posts visual-recent-posts allows Reflected XSS.This issue affects Visual Recent Posts: from n/a through = 1.2.3...

CVE-2024-54403

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oktoberfive Visual Recent Posts visual-recent-posts allows Reflected XSS.This issue affects Visual Recent Posts: from n/a through = 1.2.3...

WordPress Visual Recent Posts plugin <= 1.2.3 - Reflected Cross Site Request Forgery (CSRF) vulnerability

Reflected Cross Site Request Forgery CSRF vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Visual Recent Posts versions = 1.2.3...

Smart Recent Posts Widget <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Smart Recent Posts Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-33643

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2...

CVE-2024-33643 WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2...

CVE-2024-33643

CVE-2024-33643 affects the WordPress plugin Advanced Most Recent Posts Mod (vulnerable up to 1.6.5.2) with a Stored XSS due to improper input neutralization during page generation. The initial and connected docs confirm the vulnerability type and affected plugin; patch/version details beyond 1.6....

CVE-2024-33643 WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2...

PT-2024-25404 · Unknown · Kailey Lampert Advanced Most Recent Posts Mod

Name of the Vulnerable Software and Affected Versions: Kailey Lampert Advanced Most Recent Posts Mod versions through 1.6.5.2 Description: The issue affects the Kailey Lampert Advanced Most Recent Posts Mod, allowing Stored XSS due to improper neutralization of input during web page generation...

CVE-2024-33692 WordPress Smart Recent Posts Widget plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...

CVE-2024-33692

CVE-2024-33692 is an stored XSS vulnerability in the Satrya Smart Recent Posts Widget. The issue is due to improper input neutralization during web page generation, enabling stored cross-site scripting. Affected versions are vulnerable from n/a to 1.0.3. The initial and connected documents do not...

CVE-2024-33692 WordPress Smart Recent Posts Widget plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...

WordPress Smart Recent Posts Widget plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Smart Recent Posts Widget versions = 1.0.4...

WordPress Smart Recent Posts Widget Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Smart Recent Posts Widget Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33692 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 734e2b75e9d6 Credits Joshua Chan Required privilege...

CVE-2024-23502

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS.This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS.This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a...

CVE-2023-35043

CVE-2023-35043 corresponds to an unauthenticated stored XSS in the WordPress plugin Neha Goel Recent Posts Slider , affected versions