cleantalk
Vulnerabilities and Security Researches

AMP for WP – Accelerated Mobile Pages, CVE-2018-20838

CVE, Research URL

CVE-2018-20838

Home page URL

Security reports for AMP for WP – Accelerated Mobile Pages

Application

AMP for WP – Accelerated Mobile Pages

Published on
May 13, 2019
Research Description
ampforwp_save_steps_data in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS.
Affected versions
Min -, max 0.9.97.21.
Status
vulnerable
Previous vulnerability researches
AMP for WP – Accelerated Mobile Pages (CVE-2024-0587) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2021-23150) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2021-23209) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2024-1043) , Jun 07, 2024
AMP for WP – Accelerated Mobile Pages (CVE-2023-48321) , Jun 07, 2024
New vulnerability
SB Chart block (CVE-2025-3661) , Apr 20, 2025
Themesflat Addons For Elementor (CVE-2025-3275) , Apr 20, 2025
WP Simple Booking Calendar (CVE-2025-39541) , Apr 20, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025