VYPR

Post Timeline

by WordPress

Source repositories

CVEs (4)

  • CVE-2024-13571HigFeb 26, 2025
    risk 0.46cvss 7.1epss 0.00

    The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

  • CVE-2025-24614HigFeb 14, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agile Logix Post Timeline post-timeline allows Reflected XSS.This issue affects Post Timeline: from n/a through <= 2.3.9.

  • CVE-2023-4284MedSep 4, 2023
    risk 0.40cvss 6.1epss 0.01

    The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

  • CVE-2026-32421MedMar 13, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Agile Logix Post Timeline post-timeline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Timeline: from n/a through <= 2.4.1.