Plugin-planet Prismatic — known CVE vulnerabilities
Every CVE whose affected-product data names Plugin-planet Prismatic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24409 — CVSS 6.1 (medium): The Prismatic WordPress plugin before 2.8 does not escape the 'tab' GET parameter before outputting it back in an attribute, leading to a…
CVE-2021-24408 — CVSS 5.4 (medium): The Prismatic WordPress plugin before 2.8 does not sanitise or validate some of its shortcode parameters, allowing users with a role as low…