Agilelogix Post Timeline vulnerabilities
2 known vulnerabilities affecting agilelogix/post_timeline.
Total CVEs: 2
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 1, MEDIUM 1
Vulnerabilities
CVE-2023-4284 | P4 | MEDIUM | CVSS 6.1 | CWE-79 | PoC | fixed in 2.2.6 | 2023-09-04
The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
nvd
CVE-2024-13571 | P4 | HIGH | CVSS 7.1 | CWE-79 | fixed in 2.3.10 | 2025-02-26
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
nvd