Yarpp Yet_another_related_posts_plugin

7 CVEs affecting Yarpp Yet_another_related_posts_plugin. Latest disclosed: 2024-11-01. Critical: 0, High: 2.

Top CVEs affecting Yarpp Yet_another_related_posts_plugin
CVESeverityScorePublishedSummary
CVE-2023-0579High8.82023-08-16The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow…
CVE-2022-45374High7.72024-05-17Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in YARPP allows PHP Local File Inclusion.This issue affects YARPP…
CVE-2023-2433Medium6.42023-07-18The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insuffici…
CVE-2022-4471Medium5.42023-02-13The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the sho…
CVE-2024-43919Medium5.32024-11-01Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10.
CVE-2023-6495Medium4.42024-06-19The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and inc…
CVE-2024-0602Medium4.42024-02-29The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and in…