Lucene search
Mpl-publisherMpl-publisher
2 matches found
CVE-2021-39343
The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in v...
5.5CVSS4.9AI score0.00568EPSS
CVE-2025-46226
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ferranfg MPL-Publisher allows Stored XSS. This issue affects MPL-Publisher: from n/a through 2.18.0.
6.5CVSS6.4AI score0.00039EPSS