Filtered by vendor Ajaydsouza
Subscriptions
Filtered by product Contextual Related Posts
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2986 | 2 Ajaydsouza, Wordpress | 2 Contextual Related Posts, Wordpress | 2026-04-22 | 6.4 Medium |
| The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2014-3937 | 1 Ajaydsouza | 1 Contextual Related Posts | 2025-04-12 | N/A |
| SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-2710 | 1 Ajaydsouza | 1 Contextual Related Posts | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via unspecified vectors. | ||||
Page 1 of 1.