Skip to main content

Contextual Related Posts

4 CVEs product

Monthly

CVE-2026-32565 MEDIUM PATCH This Month

Contextual Related Posts versions before 4.2.2 contain an authorization bypass vulnerability that allows unauthenticated attackers to access sensitive information by exploiting improperly configured access controls. The vulnerability affects the plugin's ability to enforce proper permission checks, potentially exposing confidential data to unauthorized users. No patch is currently available for this issue.

Authentication Bypass Contextual Related Posts
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-0252 MEDIUM POC This Month

The Contextual Related Posts WordPress plugin before 3.3.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Contextual Related Posts
NVD WPScan
CVSS 3.1
5.4
EPSS
0.5%
CVE-2014-3937 HIGH PATCH This Week

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress SQLi Contextual Related Posts
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-2710 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

XSS CSRF WordPress Contextual Related Posts
NVD
CVSS 2.0
6.8
EPSS
0.1%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Contextual Related Posts versions before 4.2.2 contain an authorization bypass vulnerability that allows unauthenticated attackers to access sensitive information by exploiting improperly configured access controls. The vulnerability affects the plugin's ability to enforce proper permission checks, potentially exposing confidential data to unauthorized users. No patch is currently available for this issue.

Authentication Bypass Contextual Related Posts
NVD VulDB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Contextual Related Posts WordPress plugin before 3.3.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Contextual Related Posts
NVD WPScan
EPSS 0% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress SQLi Contextual Related Posts
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

XSS CSRF WordPress +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy