Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2023-4035
- EPSS 0.12%
- Veröffentlicht 30.08.2023 15:15:09
- Zuletzt bearbeitet 23.04.2025 17:16:41
The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to pe...
4.3
CVE-2023-4036
- EPSS 0.11%
- Veröffentlicht 30.08.2023 15:15:09
- Zuletzt bearbeitet 02.05.2025 16:15:22
The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private a...
1