83 matches found
WordPress User Submitted Posts plugin <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'uspaccess' Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Submitted Posts versions = 20260110...
CVE-2023-4779
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's uspgallery shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible...
CVE-2023-45603
Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902...
WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability
Open Redirection vulnerability discovered by benzdeus in WordPress Plugin User Submitted Posts versions = 20251121...
WordPress User Submitted Posts plugin open to redirection vulnerability
WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...
EUVD-2025-205206
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...
CVE-2025-68509
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...
CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...
CVE-2025-68509 WordPress User Submitted Posts plugin <= 20251121 - Open Redirection vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Jeff Starr User Submitted Posts user-submitted-posts allows Phishing.This issue affects User Submitted Posts: from n/a through = 20251121...
CVE-2025-68509
CVE-2025-68509 affects the WordPress plugin User Submitted Posts . The reported issue is an unauthenticated Open Redirect flaw caused by insufficient validation of the redirect-override parameter, allowing attackers to redirect users to untrusted sites and facilitate phishing. Affected versions a...
WordPress plugin User Submitted Posts 安全漏洞
WordPress User Submitted Posts plugin is a WordPress plugin that allows website visitors to submit post content via a front-end form that includes features such as title, tags, categories, author information, URL, body text and image uploads. WordPress User Submitted Posts plugin suffers from an...
PT-2025-53081
Name of the Vulnerable Software and Affected Versions Jeff Starr User Submitted Posts versions prior to and including 20251121 Description The software contains an Open Redirect issue, allowing for potential phishing attacks. This occurs due to a redirection to an untrusted site. Recommendations...
EUVD-2016-1992
Malware in sbrugna...
EUVD-2025-9587
Malicious code in bioql PyPI...
EUVD-2023-49895
Malicious code in bioql PyPI...
EUVD-2023-59432
Malicious code in bioql PyPI...
CVE-2024-5002
The User Submitted Posts WordPress plugin before 20240516 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-7251
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jeff Starr User Submitted Posts allows Stored XSS.This issue affects User Submitted Posts: from n/a through 20230901...
CVE-2016-11001
The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field...
CVE-2025-2874 User Submitted Posts <= 20241026 - Authenticated (Admin+) Stored Cross-Site Scripting
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20240319 due to insufficient input sanitization and output escaping. This makes it possible for...