Smart Post Show Security Vulnerabilities and Issues — Smart Post Show CVE List

Lucene search

ShapedpluginSmart Post Show

3 matches found

CVE•added 2023/01/30 9:15 p.m.•41 views

CVE-2023-0097

The Post Grid, Post Carousel, & List Category Posts WordPress plugin before 2.4.19 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scr...

5.4CVSS5.3AI score0.00119EPSS

CVE•added 2025/05/15 8:15 p.m.•19 views

CVE-2024-8187

The Smart Post Show WordPress plugin before 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8CVSS5.4AI score0.00019EPSS

CVE•added 2025/05/15 8:15 p.m.•13 views

CVE-2024-3996

The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

6.1CVSS5.7AI score0.00042EPSS