Filtered by vendor Postsnippets
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-25459 | 1 Postsnippets | 1 Post Snippets | 2024-11-21 | N/A | 5.9 MEDIUM |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions. | |||||
CVE-2021-25010 | 1 Postsnippets | 1 Post Snippets | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and escaped, which could lead to Stored Cross-Site Scripting issues |