2 matches found
CVE-2015-9411
CVE-2015-9411 affects the WordPress Postmatic plugin prior to version 1.4.6. The vulnerability is Cross-Site Scripting (XSS) in the plugin, enabling potential client-side code execution. Remediation: upgrade to Postmatic 1.4.6 or later. Other connected sources corroborate the XSS issue for this p...
CVE-2022-4265
CVE-2022-4265 affects the Replyable WordPress plugin prior to 2.2.10. The vulnerability arises because the plugin does not validate the submitted class name when instantiating an object in the prompt_dismiss_notice action and is missing a CSRF check in the related action, enabling any authenticat...