VYPR

Related Posts For Wp

by WordPress

CVEs (3)

  • CVE-2021-24180MedApr 5, 2021
    risk 0.35cvss 5.4epss 0.01

    Unvalidated input and lack of output encoding within the Related Posts for WordPress plugin before 2.0.4 lead to a Reflected Cross-Site Scripting (XSS) vulnerability within the 'lang' GET parameter while editing a post, triggered when users with the capability of editing posts…

  • CVE-2021-24482MedJul 19, 2021
    risk 0.31cvss 4.8epss 0.01

    The Related Posts for WordPress plugin through 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.

  • CVE-2022-3506MedOct 14, 2022
    risk 0.00cvss 5.4epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository barrykooij/related-posts-for-wp prior to 2.1.3.