Vulnerabilities and security researches forf4-tree f4-tree

Jun 12, 2026

CVE, Research URL: CVE-2023-33999
Home page URL: Security reports for F4 Post Tree
Application: F4 Post Tree
Date: Jun 11, 2026
Research Description: Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
Affected versions: max 1.1.15.
Status: vulnerable

Jan 14, 2025

CVE, Research URL: CVE-2025-22499
Home page URL: Security reports for F4 Post Tree
Application: F4 Post Tree
Date: Jan 13, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through 1.1.18.
Affected versions: max 1.1.19.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: dc8292346e8ea518acc1e92aee14e1233fcd3a68
Home page URL: Security reports for F4 Post Tree
Application: F4 Post Tree
Date: Feb 28, 2022
Research Description: F4 Post Tree [f4-tree] < 1.1.9 WordPress F4 Post Tree plugin <= 1.1.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress F4 Post Tree plugin (versions <= 1.1.8).
Affected versions: max 1.1.9.
Status: vulnerable