VYPR

Digital Publications By Supsystic

by Supsystic

CVEs (3)

  • CVE-2020-37245HigMay 16, 2026
    risk 0.49cvss 7.5epss 0.01

    Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequences. Additionally, the plugin fails to sanitize input fields in publication…

  • CVE-2023-5756MedDec 9, 2023
    risk 0.35cvss 5.4epss 0.00

    The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers…

  • CVE-2022-2384Aug 15, 2022
    risk 0.00cvss epss 0.00

    The Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.