Wpxpo

Postx

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-31096

  • EPSS 0.03%
  • Published 28.03.2025 09:39:51
  • Last modified 28.03.2025 18:11:40

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX allows DOM-Based XSS. This issue affects PostX: from n/a through 4.1.25.

6.5

CVE-2024-53818

  • EPSS 0.08%
  • Published 09.12.2024 13:15:41
  • Last modified 09.12.2024 13:15:41

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX allows Stored XSS.This issue affects PostX: from n/a through 4.1.15.

5.9

CVE-2024-50513

  • EPSS 0.07%
  • Published 19.11.2024 17:15:10
  • Last modified 19.11.2024 21:57:32

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX allows Stored XSS.This issue affects PostX: from n/a through 4.1.15.

8.8

CVE-2024-10728

  • EPSS 41.81%
  • Published 16.11.2024 05:15:12
  • Last modified 09.07.2025 18:48:39

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up...

5.4

CVE-2024-50443

  • EPSS 0.06%
  • Published 28.10.2024 14:15:04
  • Last modified 29.09.2025 21:54:22

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX allows Stored XSS.This issue affects PostX: from n/a through 4.1.12.

6.8

CVE-2024-4305

Exploit
  • EPSS 0.15%
  • Published 17.06.2024 06:15:09
  • Last modified 13.05.2025 01:33:44

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contr...

8.8

CVE-2024-31246

  • EPSS 0.29%
  • Published 09.06.2024 09:15:11
  • Last modified 21.11.2024 09:13:07

Missing Authorization vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 3.2.3.

6.4

CVE-2024-5223

  • EPSS 0.19%
  • Published 30.05.2024 04:15:10
  • Last modified 21.11.2024 09:47:13

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploading feature in all versions up to, and including, 4.1.1 due to insufficient input sanitizat...

5.4

CVE-2024-3239

Exploit
  • EPSS 0.25%
  • Published 14.05.2024 15:40:31
  • Last modified 14.05.2025 17:14:04

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.0.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contr...

6.1

CVE-2023-3992

Exploit
  • EPSS 0.1%
  • Published 30.08.2023 15:15:09
  • Last modified 23.04.2025 17:16:39

The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin