cleantalk
Vulnerabilities and Security Researches

Magical Posts Display – Elementor Advanced Posts widgets, 6a3b1b82ce44e3d051a60a588c883084815f8a11

CVE, Research URL

6a3b1b82ce44e3d051a60a588c883084815f8a11

Home page URL

Security reports for Magical Posts Display – Elementor Advanced Posts widgets

Application

Magical Posts Display – Elementor Advanced Posts widgets

Published on
Mar 21, 2023
Research Description
Magical Posts Display – Elementor Advanced Posts widgets [magical-posts-display] < 1.2.16 (closed) WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks Plugin <= 1.2.15 is vulnerable to Cross Site Request Forgery (CSRF) Update the WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks plugin to the latest available version (at least 1.2.16). Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Magical Posts Display – Elementor & Gutenberg Posts Blocks Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has been fixed in version 1.2.16.
Affected versions
Min -, max 1.2.16.
Status
vulnerable
Previous vulnerability researches
Magical Posts Display – Elementor Advanced Posts widgets (6a3b1b82ce44e3d051a60a588c883084815f8a11) , Jun 07, 2024
Magical Posts Display – Elementor Advanced Posts widgets (CVE-2024-37951) , Jul 14, 2024
Magical Posts Display – Elementor Advanced Posts widgets (CVE-2025-54706) , Aug 01, 2025
New vulnerability
Google Map Targeting (CVE-2025-52732) , Aug 04, 2025
WP CTA &#8211; Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin (CVE-2025-8152) , Aug 04, 2025
One Click Demo Import , Aug 04, 2025
My Reservation System (CVE-2025-7022) , Aug 02, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-54682) , Aug 02, 2025