Wordpress Popular Posts Project: >> Wordpress Popular Posts >> 5.3.3 Security Vulnerabilities
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin <= 6.3.2 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-18
External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-12-07
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type].
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-23