Ampforwp Accelerated_mobile_pages
7 CVEs affecting Ampforwp Accelerated_mobile_pages. Latest disclosed: 2024-12-18. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-9598 | High | 8.8 | 2024-10-25 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.99.1. This… |
CVE-2024-1043 | Medium | 6.5 | 2024-02-29 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'amppb_remov… |
CVE-2024-6896 | Medium | 6.4 | 2024-07-24 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and inc… |
CVE-2024-11254 | Medium | 6.1 | 2024-12-18 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the disqus_name parameter in all versions up… |
CVE-2024-0587 | Medium | 6.1 | 2024-01-23 | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions… |
CVE-2021-23209 | Medium | 4.8 | 2022-03-18 | Multiple Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) vulnerabilities discovered in AMP for WP – Accelerated Mobile Pages WordPress pl… |
CVE-2021-23150 | Medium | 4.8 | 2022-03-18 | Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability discovered in AMP for WP – Accelerated Mobile Pages plugin <= 1.0.77.31 versions. |