CVE-2026-25001

CVE-2026-25001 is a confirmed vulnerability in the WordPress plugin Post Snippets (formerly Post Snippets – Custom WordPress Code Snippets Customizer) affecting versions up to 4.0.12. The Wordfence entry characterizes the issue as a Remote Code Execution vulnerability requiring authenticated acce...

WordPress Post Snippets plugin <= 4.0.12 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Doan Dinh Van in WordPress Plugin Post Snippets versions = 4.0.12...

CVE-2025-63040 WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal Post Snippets post-snippets allows Cross Site Request Forgery.This issue affects Post Snippets: from n/a through = 4.0.11...

WordPress Post Snippets Plugin < 4.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Post Snippets Type Plugin Vulnerable versions 4.0.4 Fixed in 4.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e4d64cbe7635 Credits Rafie Muhammad Patchstack Required...

WordPress Post Snippets Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Post Snippets Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25459 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID db47be90330a Credits Abdi Pranata Required...