Vulnerabilities and security researches forpost-list-designer post-list-designer
Direction: descendingPosts List Designer by Category – List Category Posts Or Recent Posts # e7273a52d37b10c428e20c81e144ab0d172f52c8
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Feb 28, 2022
- Research Description
- Post List Designer – Category Post, Recent Post, Post List [post-list-designer] < 2.1.7 WordPress Posts List Designer by Category – List Category Posts Or Recent Posts plugin < 2.1.7 - Sensitive Information Disclosure vulnerability Sensitive Information Disclosure vulnerability discovered in WordPress Posts List Designer by Category – List Category Posts Or Recent Posts plugin (versions < 2.1.7).
- Affected versions
-
max 2.1.7.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # 6d8910c719b2a132ec93828cd37e418b19cac960
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Mar 04, 2022
- Research Description
- Post List Designer – Category Post, Recent Post, Post List [post-list-designer] < 2.1.7 Freemius SDK <= 2.4.2 - Missing Authorization Checks The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
- Affected versions
-
max 2.1.7.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # CVE-2023-33999
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Jun 11, 2026
- Research Description
- Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
- Affected versions
-
max 3.3.1.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # CVE-2024-13362
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- May 01, 2026
- Research Description
- Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
- Affected versions
-
max 3.3.8.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # CVE-2022-4974
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Oct 16, 2024
- Research Description
- The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
- Affected versions
-
max 2.1.7.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # 067b21bad31febc63c1cd2b3a0a852869e1df9cc
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Feb 28, 2022
- Research Description
- Post List Designer – Category Post, Recent Post, Post List [post-list-designer] < 2.1.7 WordPress Posts List Designer by Category – List Category Posts Or Recent Posts plugin < 2.1.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Posts List Designer by Category – List Category Posts Or Recent Posts plugin (versions < 2.1.7).
- Affected versions
-
max 2.1.7.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # CVE-2022-4749
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Jan 31, 2023
- Research Description
- The Posts List Designer by Category WordPress plugin before 3.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
- Affected versions
-
max 3.2.
- Status
-
vulnerable
Posts List Designer by Category – List Category Posts Or Recent Posts # CVE-2024-23502
- CVE, Research URL
- Home page URL
-
Security reports for Posts List Designer by Category – List Category Posts Or Recent Posts
- Date
- Jan 31, 2024
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS.This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a through 3.3.2.
- Affected versions
-
max 3.3.3.
- Status
-
vulnerable