Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-9607
- EPSS 0.61%
- Published 25.10.2024 07:15:05
- Last modified 05.11.2024 17:40:57
The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenti...
6.1
CVE-2023-2503
- EPSS 0.12%
- Published 05.06.2023 14:15:10
- Last modified 08.01.2025 18:15:14
The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
1