Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2025-01-03
CVE-2024-11733 - The Wordpress Popular Posts Plugin
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
PLUGIN
The Wordpress Popular Posts
CVE-2024-11733
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2023-45607 - Wordpress Popular Posts Plugin
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin
PLUGIN
Wordpress Popular Posts
CVE-2023-45607
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2021-42362 - Wordpress Popular Posts Plugin
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
PLUGIN
Wordpress Popular Posts
CVE-2021-42362
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2021-36872 - Wordpress Popular Posts Plugin
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions
PLUGIN
Wordpress Popular Posts
CVE-2021-36872
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2021-20746 - Wordpress Popular Posts Plugin
Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
PLUGIN
Wordpress Popular Posts
CVE-2021-20746
Risk Score