Twinpictures

Annual Archive

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2024-33598

  • EPSS 0.36%
  • Veröffentlicht 26.04.2024 08:15:12
  • Zuletzt bearbeitet 28.04.2026 19:25:09

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0.

5.4

CVE-2023-49847

  • EPSS 0.39%
  • Veröffentlicht 14.12.2023 14:15:44
  • Zuletzt bearbeitet 28.04.2026 19:22:30

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0.

5.4

CVE-2023-0178

Exploit
  • EPSS 0.57%
  • Veröffentlicht 06.02.2023 20:15:13
  • Zuletzt bearbeitet 26.03.2025 14:15:26

The Annual Archive WordPress plugin before 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to per...