Vulnerabilities > Newsignature
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-18 | CVE-2024-10078 | Missing Authorization vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. | 5.4 |
2024-10-18 | CVE-2024-10079 | Deserialization of Untrusted Data vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax_import_content' function. | 8.8 |
2024-10-18 | CVE-2024-10080 | Cross-site Scripting vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |