Vulnerabilities and security researches formagical-posts-display magical-posts-display
Direction: ascendingJun 07, 2024
Magical Posts Display – Elementor Advanced Posts widgets # 6a3b1b82ce44e3d051a60a588c883084815f8a11
- CVE, Research URL
- Date
- Mar 21, 2023
- Research Description
- Magical Posts Display – Elementor Advanced Posts widgets [magical-posts-display] < 1.2.16 (closed) WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks Plugin <= 1.2.15 is vulnerable to Cross Site Request Forgery (CSRF) Update the WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks plugin to the latest available version (at least 1.2.16). Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has been fixed in version 1.2.16.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Jul 14, 2024
Magical Posts Display – Elementor Advanced Posts widgets # CVE-2024-37951
- CVE, Research URL
- Date
- Jul 20, 2024
- Research Description
- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Posts Display – Elementor & Gutenberg Posts Blocks allows Stored XSS.This issue affects Magical Posts Display – Elementor & Gutenberg Posts Blocks: from n/a through 1.2.38.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Aug 01, 2025
Magical Posts Display – Elementor Advanced Posts widgets # CVE-2025-54706
- CVE, Research URL
- Date
- -
- Research Description
- Magical Posts Display – Elementor Advanced Posts widgets [magical-posts-display] < 1.2.53 CVE-2025-54706
- Affected versions
-
Min -, max -.
- Status
-
vulnerable