WordPress Ultimate Posts Widget Plugin <= 2.2.9 is vulnerable to Broken Access Control

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 565122e43072 Credits Dhabaleshwar Das Requir...

WordPress Ultimate Posts Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Posts Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0561 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4601be1431bf Credits Dmitrii ignatyev...

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Broken Access Control

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0958 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 65c113fe970b Credits WordFence Required...

WordPress Ultimate Posts Widget Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3977 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ecda45839866 Credits WordFence...