Multiple Page Generator Security Vulnerabilities and Issues — Multiple Page Generator CVE List

ThemeisleMultiple Page Generator

10 matches found

CVE•added 2024/04/03 11:53 a.m.•63 views

CVE-2024-27951

CVE-2024-27951 pertains to WordPress Multiple Page Generator Plugin (MPG) with versions up to 3.4.0. The issue is an Unrestricted Upload of a Dangerous File, enabling an attacker with Editor+ privileges to upload a web shell and achieve Remote Code Execution. The vulnerability is confirmed as exp...

9.1CVSS8.5AI score0.00603EPSS

CVE•added 2024/03/26 12:20 p.m.•63 views

CVE-2024-30235

Technical details about CVE-2024-30235 are not provided in the supplied documents. Public disclosures or vendor advisories are not included here; monitor for updates from the vendor, CVE databases, or security advisories.

8.8CVSS8.6AI score0.00439EPSS

CVE•added 2024/04/12 12:32 p.m.•62 views

CVE-2024-31301

CVE-2024-31301 is a CSRF vulnerability in the Themeisle Multiple Page Generator Plugin – MPG, affecting versions up to 3.4.0. The connected sources confirm the issue is CSRF in that plugin and link it to the same CVE entry. The provided documents describe the root cause as cross-site request forg...

8.8CVSS8.6AI score0.00221EPSS

CVE•added 2023/06/09 5:33 a.m.•52 views

CVE-2023-2607

The CVE-2023-2607 vulnerability affects the WordPress plugin Multiple Page Generator (MPG). It is a time-based SQL Injection caused by insufficient escaping of user-supplied values in the orderby/order parameters, exploitable by authenticated administrators to append SQL fragments and potentially...

7.2CVSS7.1AI score0.00841EPSS

CVE•added 2024/11/12 3:24 a.m.•49 views

CVE-2024-10672

CVE-2024-10672: The Multiple Page Generator Plugin – MPG for WordPress is vulnerable to directory traversal that enables authenticated attackers with editor-level access (and higher) to delete limited server files. Affected versions are

2.7CVSS3.5AI score0.00484EPSS

CVE•added 2025/01/26 6:41 a.m.•48 views

CVE-2024-10705

CVE-2024-10705 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” with vulnerability in all versions up to 4.0.5. The flaw is Server-Side Request Forgery (SSRF) via the mpg_download_file_by_link function, allowing authenticated attackers with editor-level access or higher to trig...

8.1CVSS5.3AI score0.00316EPSS

CVE•added 2023/05/17 1:58 a.m.•47 views

CVE-2023-2608

CVE-2023-2608 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” (versions up to 3.3.17). Root cause: missing nonce verification on the projects_list function and insufficient escaping/preparation in the SQL query, enabling a CSRF attack to append extra SQL to existing queries vi...

4.3CVSS5.3AI score0.00364EPSS

CVE•added 2023/10/31 2:12 p.m.•47 views

CVE-2023-33927

CVE-2023-33927 refers to WordPress plugin MPG (Multiple Page Generator by PortHas). Affected: MPG

9.8CVSS8.9AI score0.00675EPSS

CVE•added 2024/10/20 10:3 a.m.•47 views

CVE-2024-47325

CVE-2024-47325 corresponds to a SQL Injection in the WordPress plugin Multiple Page Generator Plugin – MPG (versions

8.8CVSS5.9AI score0.00459EPSS

CVE•added 2023/03/14 8:58 a.m.•46 views

CVE-2022-47143

CVE-2022-47143 is a CSRF vulnerability in Themeisle’s MPG Plugin (WordPress) versions

8.8CVSS6.5AI score0.0026EPSS