Vulnerabilities > Themeisle > Multiple Page Generator > 3.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-26 | CVE-2024-10705 | Server-Side Request Forgery (SSRF) vulnerability in Themeisle multiple Page Generator The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. | 8.1 |
| 2024-11-12 | CVE-2024-10672 | Path Traversal vulnerability in Themeisle multiple Page Generator The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all versions up to, and including, 4.0.2. | 2.7 |
| 2024-04-12 | CVE-2024-31301 | Unspecified vulnerability in Themeisle multiple Page Generator Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | 8.8 |
| 2024-04-03 | CVE-2024-27951 | Unspecified vulnerability in Themeisle multiple Page Generator Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | 7.2 |
| 2024-03-26 | CVE-2024-30235 | Unspecified vulnerability in Themeisle multiple Page Generator Missing Authorization vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | 8.8 |