MPL-Publisher
by WordPress
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-46226 | Med | 0.42 | 6.5 | 0.00 | Apr 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ferranfg MPL-Publisher mpl-publisher allows Stored XSS.This issue affects MPL-Publisher: from n/a through <= 2.18.0. | ||
| CVE-2021-39343 | Med | 0.36 | 5.5 | 0.01 | Oct 19, 2021 | The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject… |
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ferranfg MPL-Publisher mpl-publisher allows Stored XSS.This issue affects MPL-Publisher: from n/a through <= 2.18.0.
- risk 0.36cvss 5.5epss 0.01
The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject…