cleantalk
Vulnerabilities and Security Researches

WZ Followed Posts – Display what visitors are reading, 3eae433fab74b6aaf5f0694092126e677e3ca0fa

CVE, Research URL

3eae433fab74b6aaf5f0694092126e677e3ca0fa

Home page URL

Security reports for WZ Followed Posts – Display what visitors are reading

Application

WZ Followed Posts – Display what visitors are reading

Published on
Jul 19, 2023
Research Description
WZ Followed Posts &#8211; Display what visitors are reading [where-did-they-go-from-here] < 2.1.0 WordPress WZ Followed Posts - Display what visitors are reading Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) Update the WordPress WZ Followed Posts - Display what visitors are reading plugin to the latest available version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WZ Followed Posts - Display what visitors are reading Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.1.0.
Affected versions
Min -, max 2.1.0.
Status
vulnerable
Previous vulnerability researches
WZ Followed Posts &#8211; Display what visitors are reading (3eae433fab74b6aaf5f0694092126e677e3ca0fa) , Jun 07, 2024
WZ Followed Posts &#8211; Display what visitors are reading (CVE-2025-4171) , May 08, 2025
New vulnerability
UiPress lite | Effortless custom dashboards, admin themes and pages (CVE-2025-3053) , May 15, 2025
Lead Form Data Collection to CRM (CVE-2025-47690) , May 14, 2025
WordPress Portfolio Builder &#8211; Portfolio Gallery (CVE-2025-1757) , May 14, 2025
LiteSpeed Cache (CVE-2025-47437) , May 14, 2025
Frontend Dashboard (CVE-2025-4474) , May 14, 2025