WordPress Plugin Vulnerabilities

Tagregator <= 0.6 - Stored XSS

Description

The Tagregator WordPress plugin was affected by a Stored XSS security vulnerability.

Affects Plugins

Plugin icon
tagregator
No known fix

References

CVE
CVE-2018-10752
Exploitdb
45225

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.8 (medium)

Miscellaneous

Verified
No
WPVDB ID
95d19adf-88c6-417c-afee-a570a5240233

Timeline

Publicly Published
2018-05-05 (about 8 years ago)
Added
2019-08-21 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2026-05-11
Title
LifePress <= 2.2.2 - Unauthenticated Stored Cross-Site Scripting via 'n' Parameter via lp_update_mds AJAX Action
Published
2024-10-31
Title
NMR Strava activities < 1.0.8 - Contributor+ Stored XSS
Published
2026-03-03
Title
Thecs <= 1.4.7 - Reflected Cross-Site Scripting
Published
2025-06-19
Title
CP Polls < 1.0.82 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2024-11-08
Title
Blocks Post Grid <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting