Postsnippets

postsnippets

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Post Snippets

post_snippets

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-25459 1Postsnippets 1Post Snippets Jun 17, 2026 Aug 8, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions.
CVE-2021-25010 1Postsnippets 1Post Snippets Jun 17, 2026 Feb 28, 2022 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and e...Show more The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and escaped, which could lead to Stored Cross-Site Scripting issuesShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-25459

1Postsnippets

1Post Snippets

Jun 17, 2026

Aug 8, 2023

N/A· v4

4.8 MEDIUM· v3

N/A· v2

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Postsnippets Post Snippets plugin <= 4.0.2 versions.

CVE-2021-25010

1Postsnippets

1Post Snippets

Jun 17, 2026

Feb 28, 2022

N/A· v4

9.6 CRITICAL· v3

6.8 MEDIUM· v2

The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers are not sanitised and e...Show more