← Back

Presspage

presspage

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Presspage
1Smarty For Wordpress
Jun 17, 2026
Oct 3, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.
1Presspage
1Bestbooks
Jun 17, 2026
Jun 13, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users