CVE-2024-7429
- EPSS 0.21%
- Veröffentlicht 05.11.2024 10:21:16
- Zuletzt bearbeitet 08.11.2024 15:26:30
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticat...
CVE-2024-47621
- EPSS 0.2%
- Veröffentlicht 05.10.2024 15:15:17
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Zotpress zotpress allows Stored XSS.This issue affects Zotpress: from n/a through <= 7.3.10.
CVE-2024-34569
- EPSS 0.41%
- Veröffentlicht 08.05.2024 11:15:25
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through <= 7.3.9.
CVE-2024-30488
- EPSS 0.55%
- Veröffentlicht 29.03.2024 14:15:11
- Zuletzt bearbeitet 01.04.2026 16:16:56
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through <= 7.3.7.
CVE-2023-46313
- EPSS 0.08%
- Veröffentlicht 31.10.2023 10:15:08
- Zuletzt bearbeitet 21.11.2024 08:28:17
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.4 versions.