VYPR

Listamester

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-30813MedMar 27, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.5.

  • CVE-2025-24678MedJan 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.4.

  • CVE-2024-13659MedJan 24, 2025
    risk 0.42cvss 6.4epss 0.00

    The Listamester plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'listamester' shortcode in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible…

  • CVE-2025-47446MedMay 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester listamester allows Cross Site Request Forgery.This issue affects Listamester: from n/a through <= 2.3.6.