Skip to main content

Insert Pages

2 CVEs product

Monthly

CVE-2021-24851 MEDIUM POC PATCH This Month

The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status (ie. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress Authentication Bypass Insert Pages
NVD WPScan
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-24850 MEDIUM POC This Month

The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that prints out other pages' content and custom fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Insert Pages
NVD WPScan
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status (ie. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress Authentication Bypass Insert Pages
NVD WPScan
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that prints out other pages' content and custom fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Insert Pages
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy