Filtered by vendor Postsnippets
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-25459 | 1 Postsnippets | 1 Post Snippets | 2024-11-21 | 5.9 Medium |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions. | ||||
CVE-2021-25010 | 1 Postsnippets | 1 Post Snippets | 2024-11-21 | 9.6 Critical |
The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and escaped, which could lead to Stored Cross-Site Scripting issues |
Page 1 of 1.