Vulnerabilities and security researches forcontextual-related-posts contextual-related-posts

Jun 07, 2024

CVE, Research URL: CVE-2023-0252
Home page URL: Security reports for Contextual Related Posts
Application: Contextual Related Posts
Date: Feb 07, 2023
Research Description: The Contextual Related Posts WordPress plugin before 3.3.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2013-2710
Home page URL: Security reports for Contextual Related Posts
Application: Contextual Related Posts
Date: Jun 02, 2014
Research Description: Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via unspecified vectors.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2014-3937
Home page URL: Security reports for Contextual Related Posts
Application: Contextual Related Posts
Date: Jun 02, 2014
Research Description: SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Affected versions: Min -, max -.
Status: vulnerable

May 09, 2025

CVE, Research URL: CVE-2025-47506
Home page URL: Security reports for Contextual Related Posts
Application: Contextual Related Posts
Date: May 07, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Contextual Related Posts allows DOM-Based XSS. This issue affects Contextual Related Posts: from n/a through 4.0.2.
Affected versions: Min -, max -.
Status: vulnerable