Private Messages Project Private Messages — known CVE vulnerabilities
Every CVE whose affected-product data names Private Messages Project Private Messages, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-29442 — CVSS 5.4 (medium): Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at…
CVE-2022-29441 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send…