Themeisle Multiple Page Generator — known CVE vulnerabilities
Every CVE whose affected-product data names Themeisle Multiple Page Generator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-27951 — CVSS 9.1 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell…
CVE-2024-47325 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle MPG multiple-pages-generator…
CVE-2023-33927 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator…
CVE-2023-2607 — CVSS 7.2 (high): The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions…
CVE-2024-10705 — CVSS 5.4 (medium): The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and…
CVE-2023-2608 — CVSS 3.1 (low): The Multiple Page Generator Plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the…
CVE-2024-10672 — CVSS 2.7 (low): The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…