Vulnerabilities > Kylephillips > Nested Pages > 3.1.22
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-14 | CVE-2023-49195 | Unspecified vulnerability in Kylephillips Nested Pages Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS.This issue affects Nested Pages: from n/a through 3.2.6. | 4.8 |
| 2023-05-31 | CVE-2023-2434 | Missing Authorization vulnerability in Kylephillips Nested Pages The Nested Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'reset' function in versions up to, and including, 3.2.3. | 3.8 |