GCVE - cpe:2.3:a:afthemes:wp_post_author:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:afthemes:wp_post_author:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Afthemes (`7ad70142-34f3-546e-a45a-d3642c139a3d`)
Product	Wp Post Author (`36359c87-f242-5a2a-8fef-b287dc68ccb7`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-56247`	vulnerable	2026-06-08 06:54:17.610003	WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability HIGH (7.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through <= 3.8.2. Published: 2025-01-02T12:01:21.366Z Updated: 2026-04-28T16:10:55.704Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wp-post-author/vulnerability/wordpress-wp-post-author-plugin-3-8-2-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37101`	vulnerable	2026-06-08 06:39:46.608833	WordPress WP Post Author plugin <= 3.6.7 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AF themes WP Post Author allows Stored XSS.This issue affects WP Post Author: from n/a through 3.6.7. Published: 2024-07-22T09:56:00.473Z Updated: 2026-04-28T16:09:55.859Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wp-post-author/wordpress-wp-post-author-plugin-3-6-6-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-34389`	vulnerable	2026-06-08 06:37:33.220368	WordPress WP Post Author plugin <= 3.6.4 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in AF themes WP Post Author.This issue affects WP Post Author: from n/a through 3.6.4. Published: 2024-05-06T18:42:14.643Z Updated: 2026-04-28T16:09:48.181Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wp-post-author/wordpress-wp-post-author-plugin-3-6-4-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-34387`	vulnerable	2026-06-08 06:37:33.218732	WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability MEDIUM (4.3) Missing Authorization vulnerability in AF themes WP Post Author.This issue affects WP Post Author: from n/a through 3.6.4. Published: 2024-05-06T18:49:03.579Z Updated: 2026-04-28T16:09:47.992Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wp-post-author/wordpress-wp-post-author-plugin-3-6-4-rating-value-manipulation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.