) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:smartlogix:wp-insert:2.4.2:*:*:*:*:wordpress:*:*
- CPE Name Search: true
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-25461 |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions. Published: April 25, 2023; 4:15:09 PM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
| CVE-2018-17573 |
The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckeditor/editor/filemanager/connectors/uploadtest.html. Published: September 28, 2018; 1:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |