CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6487 – Inline Related Posts < 3.8.0 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-6487
The Inline Related Posts WordPress plugin before 3.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) The Inline Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/eeec9608-a7b2-4926-bac2-4c81a65dd473 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6257 – Inline Related Posts < 3.6.0 - Subscriber+ Password Protected Post Read
https://notcve.org/view.php?id=CVE-2023-6257
The Inline Related Posts WordPress plugin before 3.6.0 does not ensure that post content displayed via an AJAX action are accessible to the user, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts El complemento Inline Related Posts de WordPress anterior a 3.6.0 no garantiza que el contenido de la publicación mostrado mediante una acción AJAX sea accesible para el usuario, lo que permite que cualquier usuario autenticado, como un suscriptor, recupere el contenido de las publicaciones protegidas con contraseña. The Inline Related Posts WordPress plugin before 3.6.0 is missing authorization in an AJAX action to ensure that users are allowed to see the content of the posts displayed, allowing any authenticated user, such as subscriber to retrieve the content of password protected posts The Inline Related Posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.0 via the irp_get_list_posts() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve the contents of password protected posts. • https://wpscan.com/vulnerability/19a86448-8d7c-4f02-9290-d9f93810e6e1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2444 – Inline Related Posts < 3.5.0 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-2444
The Inline Related Posts WordPress plugin before 3.5.0 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El complemento Related Posts de WordPress en línea anterior a 3.5.0 no desinfecta ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques de cross-site scripting incluso cuando unfiltered_html no está permitido. The Inline Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/214e5fd7-8684-418a-b67d-60b1dcf11a48 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •