WordPress AWP Classifieds Plugin Content Injection Vulnerability

Vulnerability

A content injection vulnerability allowing code injection has been identified in the WordPress AWP Classifieds Plugin, affecting versions through 4.3.5. This vulnerability arises from improper neutralization of script-related HTML tags, creating a basic cross-site scripting (XSS) risk.

Impact

Exploitation of this vulnerability could allow a malicious actor to inject content into the pages and posts of a WordPress site, potentially including phishing pages.

Added: Sep 22, 2025, 7:24 PM

Updated: Sep 22, 2025, 11:36 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.7

exploitability

6.5

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.7

exploitability

6.5

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress AWP Classifieds Plugin Content Injection Vulnerability

Vulnerability

Impact

Affected Products

Strategy11 AWP Classifieds

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating