3 matches found
CVE-2025-49875
CVE-2025-49875 is a Stored XSS in the WordPress plugin If-So Dynamic Content Personalization (versions up to 1.9.3.1). Public sources confirm impact as Cross Site Scripting via input handling in web page generation. The vulnerability affects the If-So Dynamic Content Personalization plugin; explo...
CVE-2024-10796
CVE-2024-10796 (If-So Dynamic Content Personalization, WordPress) The WordPress plugin is vulnerable to information exposure on all versions up to 1.9.2.1 via the ifso-show-post shortcode due to insufficient post access restrictions. Authenticated attackers with Contributor level or higher could ...
PT-2024-37364 · WordPress · If-So Dynamic Content Personalization
Name of the Vulnerable Software and Affected Versions: If-So Dynamic Content Personalization WordPress plugin versions prior to 1.8.0.4 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html...