Vulnerabilities > Yarpp > YET Another Related Posts Plugin > 5.30.4

DATE CVE VULNERABILITY TITLE RISK
2024-06-19 CVE-2023-6495 Cross-site Scripting vulnerability in Yarpp YET Another Related Posts Plugin
The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 5.30.9 due to insufficient input sanitization and output escaping.
network
low complexity
yarpp CWE-79
4.8
4.8
2024-05-17 CVE-2022-45374 Unspecified vulnerability in Yarpp YET Another Related Posts Plugin
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in YARPP allows PHP Local File Inclusion.This issue affects YARPP: from n/a through 5.30.4.
network
low complexity
yarpp
6.5
6.5
2024-02-29 CVE-2024-0602 Cross-site Scripting vulnerability in Yarpp YET Another Related Posts Plugin
The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.30.9 due to insufficient input sanitization and output escaping.
network
high complexity
yarpp CWE-79
4.0
4.0