CVE-2025-55707

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through = 4.1.35...

WordPress PostX Plugin <= 4.1.16 is vulnerable to Broken Access Control

Software PostX Type Plugin Vulnerable versions = 4.1.16 Fixed in 4.1.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10728 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 29722a758707 Credits Sean Murphy Required privilege...

WordPress PostX Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software PostX Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3992 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c90860a27d52 Credits Bob Matyas Required privileg...

WordPress PostX Plugin <= 2.9.9 is vulnerable to Cross Site Scripting (XSS)

Software PostX Type Plugin Vulnerable versions = 2.9.9 Fixed in 2.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36385 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34333ee198ac Credits Le Ngoc Anh Required...