cleantalk
Vulnerabilities and Security Researches

Inline Related Posts, 8b9ee477f3905d19661a39145d5228f7ba92588d

CVE, Research URL

8b9ee477f3905d19661a39145d5228f7ba92588d

Home page URL

Security reports for Inline Related Posts

Application

Inline Related Posts

Published on
Oct 09, 2021
Research Description
Inline Related Posts [intelly-related-posts] < 3.0.5 Inline Related Posts <= 3.0.4 - Authenticated (Admin+) Cross-Site Scripting The Inline Related Posts plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative capabilities, to inject arbitrary web scripts that execute in a victim's browser. This only affects multi-site installations, and installations where unfiltered_html has been disabled.
Affected versions
max 3.0.5.
Status
vulnerable
Previous vulnerability researches
Elizaibots (CVE-2025-49893) , Aug 20, 2025
Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026
New vulnerability
Weblizar Pin It Button On Image Hover And Post (83961cce-646d-494d-a468-f5583ad83688) , Jun 16, 2026
Weblizar Pin It Button On Image Hover And Post (e3eb806cbcd2fc7656b61a5bba70b0aebb0f9307) , Jun 16, 2026
Adsmonetizer (ee7ab55ad6e2bb41f4aa956322bd479e7e4c4f4e) , Jun 16, 2026
Adsmonetizer (b67d7ea843cd507773feb2eb5c0bdf94a999deed) , Jun 16, 2026
Fullscreen Menu (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026