2 matches found
CVE-2023-28931
Never5 Post Connector plugin prior to 1.0.9 is affected by a Stored Cross‑Site Scripting (XSS) vulnerability requiring admin+ authentication. The issue is mitigated by upgrading to version 1.0.9 or later.
CVE-2015-9362
CVE-2015-9362 concerns the WordPress Post Connector plugin prior to 1.0.4, where an XSS flaw exists through the use of add_query_arg() and remove_query_arg(). The vulnerability is in the Post Connector plugin for WordPress, which is affected by untrusted input that can be reflected in the page ou...