Every CVE whose affected-product data names Postieplugin Postie, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-20204 — CVSS 5.4 (medium): The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/* at the beginning and a crafted…
CVE-2019-20203 — CVSS 5.3 (medium): The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers to publish posts by spoofing the From…
CVE-2012-2580 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, and possibly before 1.5.15, for WordPress allows remote attackers to…