Pods Security Vulnerabilities and Issues — Pods CVE List

Lucene search

PodsfoundationPods

3 matches found

CVE•added 2024/04/09 7:15 p.m.•57 views

CVE-2023-6999

The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Remote Code Exxecution via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2). This makes it possible for authenticated attackers, with contributor level access ...

8.8CVSS9.4AI score0.00839EPSS

CVE•added 2024/04/09 7:15 p.m.•52 views

CVE-2023-6967

The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2) due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

8.8CVSS9.3AI score0.00327EPSS

CVE•added 2024/04/09 7:15 p.m.•48 views

CVE-2023-6965

The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2). This is due to the fact that the plugin allows the use of a file inclusion feature via shortcode....

4.3CVSS9AI score0.00222EPSS