Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plugin-planet user submitted posts vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-45603
Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a up to and including 2...
Plugin-planet User Submitted Posts
1 Github repository
9.8
CVSSv3
CVE-2019-25138
The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images function in versions up to, and including, 20190312. This makes it possible for unauthenticated malicious users to upload arbitrary fi...
Plugin-planet User Submitted Posts
5.4
CVSSv3
CVE-2023-4779
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [usp_gallery] shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'be...
Plugin-planet User Submitted Posts
5.4
CVSSv3
CVE-2023-4308
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unau...
Plugin-planet User Submitted Posts
6.1
CVSSv3
CVE-2016-11001
The user-submitted-posts plugin prior to 20160215 for WordPress has XSS via the user-submitted-content field.
Plugin-planet User Submitted Posts
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started