Skip to main content

Wordpress Popular Posts

5 CVEs product

Monthly

CVE-2023-45607 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-43468 HIGH This Week

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure WordPress Wordpress Popular Posts
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-42362 HIGH POC PATCH THREAT Act Now

The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress RCE PHP File Upload Wordpress Popular Posts
NVD GitHub WPScan Exploit-DB
CVSS 3.1
8.8
EPSS
79.8%
CVE-2021-36872 MEDIUM This Month

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-20746 MEDIUM This Month

Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD
CVSS 3.1
5.4
EPSS
1.4%
EPSS 0% CVSS 5.4
MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD
EPSS 1% CVSS 7.5
HIGH This Week

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure WordPress Wordpress Popular Posts
NVD GitHub
EPSS 80% CVSS 8.8
HIGH POC PATCH THREAT Act Now

The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress RCE PHP +2
NVD GitHub WPScan Exploit-DB
EPSS 1% CVSS 5.4
MEDIUM This Month

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Popular Posts
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy