Insert Pages Project Insert Pages — known CVE vulnerabilities
Every CVE whose affected-product data names Insert Pages Project Insert Pages, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2021-24850 — CVSS 5.4 (medium): The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that prints out other pages' content and custom fields. It can be used by…
CVE-2022-4483 — CVSS 5.4 (medium): The Insert Pages WordPress plugin before 3.7.5 does not validate and escape some of its shortcode attributes before outputting them back in…
CVE-2021-24851 — CVSS 4.3 (medium): The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary…