Digital Publications By Supsystic

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:supsystic:digital_publications_by_supsystic:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorSupsystic (31a63952-7184-5307-ada0-8934fe420f61)
ProductDigital Publications By Supsystic (0abd9d1d-97c1-539b-ab9b-ec5c6c6a8232)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-5756 vulnerable 2026-06-03 14:53:49.545038 Digital Publications by Supsystic <= 1.7.6 - Cross-Site Request Forgery via AJAX action
MEDIUM (5.4)
The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2023-12-09T06:51:59.433Z
Updated: 2026-04-08T16:41:50.715Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2384 vulnerable 2026-06-03 14:47:06.216559 Digital Publications by Supsystic < 1.7.4 - Admin+ Stored Cross-Site Scripting
The Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Published: 2022-08-15T08:37:52.000Z
Updated: 2024-08-03T00:39:07.356Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.