VYPR
Vendor

Contentstudio

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2023-0556CriJan 27, 2023
    risk 0.64cvss 9.8epss 0.01

    The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to obtain the blog metadata (via the function…

  • CVE-2025-67910CriJan 8, 2026
    risk 0.59cvss 9.1epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through <= 1.3.7.

  • CVE-2023-0558HigJan 27, 2023
    risk 0.53cvss 8.2epss 0.01

    The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to execute functions intended for use by…

  • CVE-2025-12181HigDec 5, 2025
    risk 0.50cvss 8.8epss 0.01

    The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and…

  • CVE-2023-0557HigJan 27, 2023
    risk 0.49cvss 7.5epss 0.01

    The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts.

  • CVE-2025-49990MedJun 20, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contentstudio: from n/a through <= 1.3.7.

  • CVE-2025-47692MedMay 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through <= 1.3.5.

  • CVE-2025-13144MedDec 5, 2025
    risk 0.21cvss 4.3epss 0.00

    The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the add_cstu_settings function. This makes it possible for unauthenticated attackers to…