Vulnerabilities > Ampforwp

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-24	CVE-2024-6896	Cross-site Scripting vulnerability in Ampforwp Accelerated Mobile Pages The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.96.1 due to insufficient input sanitization and output escaping. network low complexity ampforwp CWE-79	5.4
2024-01-23	CVE-2024-0587	Cross-site Scripting vulnerability in Ampforwp Accelerated Mobile Pages The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions up to, and including, 1.0.92.1 due to insufficient input sanitization and output escaping on the executed JS file. network low complexity ampforwp CWE-79	6.1
2022-03-18	CVE-2021-23150	Unspecified vulnerability in Ampforwp Accelerated Mobile Pages Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability discovered in AMP for WP – Accelerated Mobile Pages plugin <= 1.0.77.31 versions. network low complexity ampforwp	4.8
2022-03-18	CVE-2021-23209	Unspecified vulnerability in Ampforwp Accelerated Mobile Pages Multiple Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) vulnerabilities discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.32). network low complexity ampforwp	4.8

Vulnerabilities > Ampforwp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ampforwp"}]}