VYPR

Postx

by Wpxpo

CVEs (10)

  • CVE-2025-69313HigJan 22, 2026
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3.

  • CVE-2025-55707HigDec 18, 2025
    risk 0.47cvss 7.2epss 0.00

    Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35.

  • CVE-2025-54751HigDec 18, 2025
    risk 0.46cvss 7.1epss 0.00

    Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 4.1.36.

  • CVE-2023-36385HigJul 25, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin <= 2.9.9 versions.

  • CVE-2025-31096MedMar 28, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through <= 4.1.25.

  • CVE-2024-53818MedDec 9, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.15.

  • CVE-2024-50513MedNov 19, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows Stored XSS.This issue affects PostX: from n/a through <= 4.1.15.

  • CVE-2024-50443MedOct 28, 2024
    risk 0.35cvss 5.4epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.12.

  • CVE-2024-31246MedJun 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 3.2.3.

  • CVE-2025-68606MedDec 24, 2025
    risk 0.34cvss 5.3epss 0.00

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO PostX ultimate-post allows Retrieve Embedded Sensitive Data.This issue affects PostX: from n/a through <= 5.0.3.