Vulnerabilities > Ampforwp > Accelerated Mobile Pages > 1.0.77.37.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-18 | CVE-2024-11254 | Cross-site Scripting vulnerability in Ampforwp Accelerated Mobile Pages The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the disqus_name parameter in all versions up to, and including, 1.1.1 due to insufficient input validation. | 6.1 |
| 2024-07-24 | CVE-2024-6896 | Cross-site Scripting vulnerability in Ampforwp Accelerated Mobile Pages The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.96.1 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-01-23 | CVE-2024-0587 | Cross-site Scripting vulnerability in Ampforwp Accelerated Mobile Pages The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions up to, and including, 1.0.92.1 due to insufficient input sanitization and output escaping on the executed JS file. | 6.1 |