Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Plugin-planetUser Submitted Posts*

3 matches found

CVE
CVEadded 2023/08/15 7:32 a.m.55 views

CVE-2023-4308

CVE-2023-4308 affects the WordPress plugin User Submitted Posts, with Stored Cross-Site Scripting via the user-submitted-content parameter in versions up to and including 20230809. The exploitation is unauthenticated and can cause arbitrary script execution when a user visits an injected page. Pu...

7.2CVSS5.4AI score0.00309EPSS
CVE
CVEadded 2019/09/20 2:35 p.m.51 views

CVE-2016-11001

CVE-2016-11001 affects the WordPress plugin user-submitted-posts prior to 20160215. The vulnerability is described as XSS via the user-submitted-content field in the plugin. The connected documents reiterate the same description across NVD/Red Hat/other listings, with no explicit exploit details ...

6.1CVSS6AI score0.00174EPSS
CVE
CVEadded 2024/07/13 6:0 a.m.50 views

CVE-2024-5002

The CVE-2024-5002 entry concerns the WordPress plugin User Submitted Posts (versions before 20240516). The underlying issue is that the plugin does not sanitize and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., administrators), even when unfiltered_h...

4.8CVSS4.7AI score0.0017EPSS