Wpxpo

Postx

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2026-0718

  • EPSS 0.01%
  • Veröffentlicht 16.04.2026 07:39:50
  • Zuletzt bearbeitet 16.04.2026 08:16:27

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ultp_shareCount_callback() function in all versions up to, and ...

7.2

CVE-2026-1273

  • EPSS 0.05%
  • Veröffentlicht 04.03.2026 01:21:59
  • Zuletzt bearbeitet 04.03.2026 18:08:05

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.8 via the `/ultp/v3/starter_dummy_post/` and `/ultp/v3/starter_impor...

7.5

CVE-2025-69313

  • EPSS 0.05%
  • Veröffentlicht 22.01.2026 16:52:32
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3.

7.5

CVE-2025-68606

  • EPSS 0.05%
  • Veröffentlicht 24.12.2025 13:10:48
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO PostX ultimate-post allows Retrieve Embedded Sensitive Data.This issue affects PostX: from n/a through <= 5.0.3.

7.5

CVE-2025-12980

  • EPSS 0.12%
  • Veröffentlicht 21.12.2025 02:20:32
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/get_dynamic_content/' REST API endpoint in all versions up ...

7.2

CVE-2025-55707

  • EPSS 0.05%
  • Veröffentlicht 18.12.2025 07:21:50
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-post allows Privilege Escalation.This issue affects PostX: from n/a through <= 4.1.35.

7.1

CVE-2025-54751

  • EPSS 0.04%
  • Veröffentlicht 18.12.2025 07:21:50
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 4.1.36.

6.5

CVE-2025-31096

  • EPSS 0.14%
  • Veröffentlicht 28.03.2025 09:39:51
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through <= 4.1.25.

6.5

CVE-2024-53818

  • EPSS 0.26%
  • Veröffentlicht 09.12.2024 13:15:41
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.15.

5.9

CVE-2024-50513

  • EPSS 0.19%
  • Veröffentlicht 19.11.2024 17:15:10
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows Stored XSS.This issue affects PostX: from n/a through <= 4.1.15.