Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS.This issue affects Nested Pages: from n/a through...
5.9CVSS
5.4AI Score
0.0004EPSS
The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to an Open Redirect via the page POST parameter in the npBulkActions, npBulkEdit, npListingSort, and npCategoryFilter admin_post...
6.1CVSS
6.2AI Score
0.001EPSS
The Nested Pages WordPress plugin <= 3.1.15 was vulnerable to Cross-Site Request Forgery via the npBulkActions and npBulkEdit admin_post actions, which allowed attackers to trash or permanently purge arbitrary posts as well as changing their status, reassigning their ownership, and editing other...
8.1CVSS
8.1AI Score
0.001EPSS