Unknown Pods vulnerabilities
3 known vulnerabilities affecting unknown/pods.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-1446CRITICALCVSS 9.8fixed in 3.2.8.22025-03-23
CVE-2025-1446 [CRITICAL] CWE-89 CVE-2025-1446: The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it i
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
cvelistv5nvd
CVE-2024-11849MEDIUMCVSS 6.1fixed in 3.2.8.12025-01-06
CVE-2024-11849 [MEDIUM] CWE-79 CVE-2024-11849: The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which c
The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
cvelistv5nvd
CVE-2024-9883MEDIUMCVSS 4.8fixed in 3.2.7.12024-11-05
CVE-2024-9883 [MEDIUM] CWE-79 CVE-2024-9883: The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which c
The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
cvelistv5nvd