Wp-publications Project Wp-publications — known CVE vulnerabilities
Every CVE whose affected-product data names Wp-publications Project Wp-publications, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-38360 — CVSS 8.3 (high): The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the…
CVE-2024-11605 — CVSS 4.8 (medium): The wp-publications WordPress plugin through 1.2 does not escape filenames before outputting them back in the page, which could allow high…