Themeisle Multiple Page Generator Plugin – Mpg
11 CVEs affecting Themeisle Multiple Page Generator Plugin – Mpg. Latest disclosed: 2025-01-26. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-27951 | Critical | 9.1 | 2024-04-03 | Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This… |
CVE-2023-33927 | High | 7.6 | 2023-10-31 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG multiple-p… |
CVE-2023-2607 | High | 7.2 | 2023-06-09 | The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and includin… |
CVE-2024-10705 | Medium | 5.4 | 2025-01-26 | The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the… |
CVE-2024-7424 | Medium | 5.4 | 2024-11-01 | The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to unauthorized modification of and access to data due to a missing capability chec… |
CVE-2024-31301 | Medium | 5.4 | 2024-04-12 | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from… |
CVE-2024-1047 | Medium | 5.3 | 2024-02-02 | Multiple plugins and/or themes for WordPress with the ThemeIsle SDK are vulnerable to unauthorized modification of data due to a missing capability check on th… |
CVE-2024-30235 | Medium | 4.3 | 2024-03-26 | Missing Authorization vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through… |
CVE-2022-47143 | Medium | 4.3 | 2023-03-14 | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin <= 3.3.9 versions. |
CVE-2023-2608 | Low | 3.1 | 2023-05-17 | The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order para… |
CVE-2024-10672 | Low | 2.7 | 2024-11-12 | The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upse… |