Lucene search
K

83 matches found

Patchstack
Patchstack
added 2026/01/15 11:37 p.m.6 views

WordPress User Submitted Posts plugin <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'uspaccess' Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Submitted Posts versions = 20260110...

6.4CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.7 views

CVE-2023-4779

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's uspgallery shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.10 views

CVE-2023-45603

Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902...

9.8CVSS8.6AI score0.00903EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/01 3:20 a.m.6 views

WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

Open Redirection vulnerability discovered by benzdeus in WordPress Plugin User Submitted Posts versions = 20251121...

6.1CVSS6.7AI score0.00475EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2025/12/30 12:0 a.m.6 views

WordPress User Submitted Posts plugin open to redirection vulnerability

WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...

6.1CVSS6.8AI score0.00475EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.4 views

EUVD-2025-205206

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

6.1CVSS6.4AI score0.00475EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.4 views

CVE-2025-68509

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

4.7CVSS0.00475EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 12:31 p.m.23 views

CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

4.7CVSS0.00475EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 12:31 p.m.3 views

CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...

4.7CVSS6.5AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 12:31 p.m.13 views

CVE-2025-68509

CVE-2025-68509 affects the WordPress plugin User Submitted Posts . The reported issue is an unauthenticated Open Redirect flaw caused by insufficient validation of the redirect-override parameter, allowing attackers to redirect users to untrusted sites and facilitate phishing. Affected versions a...

4.7CVSS6.5AI score0.00475EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

WordPress plugin User Submitted Posts 安全漏洞

WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...

4.7CVSS6.7AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53081

Name of the Vulnerable Software and Affected Versions Jeff Starr User Submitted Posts versions prior to and including 20251121 Description The software contains an Open Redirect issue, allowing for potential phishing attacks. This occurs due to a redirection to an untrusted site. Recommendations...

6.1CVSS6.6AI score0.00475EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-1992

Malware in sbrugna...

6.1CVSS6.3AI score0.01177EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-9587

Malicious code in bioql PyPI...

4.4CVSS6.2AI score0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-49895

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00903EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-59432

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.8 views

CVE-2024-5002

The User Submitted Posts WordPress plugin before 20240516 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00423EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:27 a.m.5 views

CVE-2023-7251

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr User Submitted Posts allows Stored XSS.This issue affects User Submitted Posts: from n/a through 20230901...

6.5CVSS5.2AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:27 a.m.7 views

CVE-2016-11001

The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field...

6.1CVSS6AI score0.01177EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/03 7:21 a.m.6 views

CVE-2025-2874 User Submitted Posts <= 20241026 - Authenticated (Admin+) Stored Cross-Site Scripting

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20240319 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS5.9AI score0.00223EPSS
Exploits0References2
Rows per page
Query Builder