Vulnerabilities and security researches forcontent-cards content-cards

Jun 06, 2024

CVE, Research URL: CVE-2017-17096
Home page URL: Security reports for Content Cards
Application: Content Cards
Date: Dec 04, 2017
Research Description: Cross-site scripting (XSS) vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data.
Affected versions: max 0.9.7.
Status: vulnerable

CVE, Research URL: CVE-2024-24928
Home page URL: Security reports for Content Cards
Application: Content Cards
Date: Feb 12, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7.
Affected versions: max 0.9.7.
Status: vulnerable

Jun 16, 2026

CVE, Research URL: db15348b77f6369b1ad606fa45976463479a86ea
Home page URL: Security reports for Content Cards
Application: Content Cards
Date: Dec 04, 2017
Research Description: Content Cards [content-cards] < 0.9.7 (closed) WordPress Content Cards Plugin <= 0.9.6 - Cross-Site Scripting vulnerability A cross site scripting vulnerability was found in WordPress Content Cards plugin in 0.9.6 version. This vulnerability is related to OpenGraph Data Handler functionality. The data is not sanitized properly and it leads to a cross site scripting vulnerability.
Affected versions: max 0.9.7.
Status: vulnerable