Magic-post-thumbnail Magic Post Thumbnail — known CVE vulnerabilities
Every CVE whose affected-product data names Magic-post-thumbnail Magic Post Thumbnail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-29171 — CVSS 7.1 (high): Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions.
CVE-2024-43921 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Magic Post Thumbnail allows…
CVE-2024-6724 — CVSS 4.8 (medium): The Generate Images WordPress plugin before 5.2.8 does not sanitise and escape some of its settings, which could allow high privilege users…