Wpstream
by WordPress
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-39527 | Med | 0.35 | 5.4 | 0.00 | Jun 15, 2026 | Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions. | ||
| CVE-2026-39526 | Med | 0.35 | 5.4 | 0.00 | Apr 8, 2026 | Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through < 4.11.2. | ||
| CVE-2023-38512 | Med | 0.35 | 5.4 | 0.00 | Jul 27, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream wpstream allows Cross Site Request Forgery.This issue affects WpStream: from n/a through <= 4.5.4. | ||
| CVE-2025-68522 | Med | 0.28 | 4.3 | 0.00 | Dec 24, 2025 | Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5. | ||
| CVE-2023-27458 | 0.00 | — | 0.00 | Nov 22, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream plugin <= 4.4.10 versions. |
- risk 0.35cvss 5.4epss 0.00
Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.
- risk 0.35cvss 5.4epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through < 4.11.2.
- risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream wpstream allows Cross Site Request Forgery.This issue affects WpStream: from n/a through <= 4.5.4.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through <= 4.9.5.
- CVE-2023-27458Nov 22, 2023risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream plugin <= 4.4.10 versions.