Vulnerabilities and security researches forintegracao-rd-station integracao-rd-station

Jun 06, 2024

CVE, Research URL: CVE-2022-38139
Home page URL: Security reports for RD Station
Application: RD Station
Date: Sep 13, 2022
Research Description: Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress.
Affected versions: max 5.2.1.
Status: vulnerable

Sep 06, 2024

CVE, Research URL: CVE-2024-6894
Home page URL: Security reports for RD Station
Application: RD Station
Date: Sep 05, 2024
Research Description: The RD Station plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.3.2 due to insufficient input sanitization and output escaping of post metaboxes added by the plugin. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: max 5.4.0.
Status: vulnerable

Jun 09, 2026

CVE, Research URL: CVE-2026-49774
Home page URL: Security reports for RD Station
Application: RD Station
Date: -
Research Description: RD Station [integracao-rd-station] < 5.7.0 CVE-2026-49774
Affected versions: max 5.7.0.
Status: vulnerable