Product
favoriteposts favorites
5 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-1452
CVE-2023-2304
CVE-2021-26024
CVE-2021-26023
CVE-2015-9513
< 2.3.5
The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege us
<= 2.3.2
The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'user_favorites' shortcode in versions up
< 1.0.2
The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to crea
< 1.0.2
The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS.
all versions
The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.