cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3972,https://securityvulnerability.io/vulnerability/CVE-2024-3972,Unprotected CSRF Vulnerability in Similarity WordPress Plugin Allows Stored XSS Attacks,"The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack",Wordpress,Similarity,4.3,MEDIUM,0.0004600000102072954,false,,false,false,true,true,false,false,2024-06-14T06:00:03.351Z,0
CVE-2024-3971,https://securityvulnerability.io/vulnerability/CVE-2024-3971,Similarity Plugin Vulnerability Allows CSRF Attacks,"The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack",Wordpress,Similarity,4.3,MEDIUM,0.0004600000102072954,false,,false,false,true,true,false,false,2024-06-14T06:00:03.148Z,0
CVE-2024-0509,https://securityvulnerability.io/vulnerability/CVE-2024-0509,Plugin Vulnerable to Reflected Cross-Site Scripting,"The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘request’ parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",Wordpress,WP 404 Auto Redirect to Similar Post,6.1,MEDIUM,0.0005699999746866524,false,,false,false,true,true,false,false,2024-02-05T21:21:47.651Z,0
CVE-2021-24537,https://securityvulnerability.io/vulnerability/CVE-2021-24537,Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution,"The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin.",Wordpress,Similar Posts – Best Related Posts Plugin For WordPress,7.2,HIGH,0.001509999972768128,false,,false,false,false,,false,false,2021-11-08T17:34:43.000Z,0