Magic-post-thumbnail CVE

Filtered by vendor Magic-post-thumbnail Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-43921	1 Magic-post-thumbnail	1 Magic Post Thumbnail	2024-09-04	7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9.
CVE-2024-6724	1 Magic-post-thumbnail	1 Generate Images	2024-08-13	4.8 Medium
The Generate Images WordPress plugin before 5.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2023-29171	1 Magic-post-thumbnail	1 Magic Post Thumbnail	2024-08-02	7.1 High
Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions.

Page 1 of 1.