Shapedplugin

Smart Post Show

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2024-8187

Exploit
  • EPSS 0.17%
  • Veröffentlicht 15.05.2025 20:15:58
  • Zuletzt bearbeitet 27.05.2025 19:53:19

The Smart Post Show WordPress plugin before 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disa...

3.5

CVE-2024-3996

Exploit
  • EPSS 0.08%
  • Veröffentlicht 15.05.2025 20:15:53
  • Zuletzt bearbeitet 13.11.2025 21:15:47

The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is dis...

5.4

CVE-2023-0097

Exploit
  • EPSS 0.2%
  • Veröffentlicht 30.01.2023 21:15:13
  • Zuletzt bearbeitet 21.04.2025 14:17:01

The Post Grid, Post Carousel, & List Category Posts WordPress plugin before 2.4.19 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributo...