Plugin Vulnerability Hub
Plugin | 4 known issues | Latest disclosed Jul 19, 2022

Insert Special Characters Vulnerabilities

Review known vulnerability records for the WordPress plugin Insert Special Characters (`insert-special-characters`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2022-24775, CVE-2021-43307 and CVE-2021-43138, so operators can jump from disclosure to patch validation without scanning the full feed first.

Known Records: 4
High or Critical: 4
Patch Coverage: 100%
Last Updated: Jan 22, 2024

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Insert Special Characters so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility: 4 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix: 0 critical and 4 high severity findings.
Recent CVEs: CVE-2022-24775, CVE-2021-43307 and CVE-2021-43138
Reference Workflow: Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.

Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

CVE-2021-43138 | High | Patch path listed

async <= 2.6.3 and 3-3.2.2 - Prototype Pollution

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. Some Wor...

Published: Apr 07, 2022
Patch Status: 1.0.5

Known Vulnerabilities

Reports for Insert Special Characters

Sorted by latest disclosure date so newly published issues surface first.

Plugin | High | Patched: Yes | CVE-2022-24775
guzzlehttp/psr7 <= 1.84 and 2.0.0-2.1.0 - Improper Input Validation

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workaroun...

Published: Jul 19, 2022
Patched Release: 1.0.5
Affected Versions: Versions up to 1.0.4
Next Step: Update to 1.0.5 or newer if supported.

Plugin | High | Patched: Yes | CVE-2021-43307
semver-regex <= 3.1.3 and 4.0.0-4.0.3 - Regular Expression Denial of Service (ReDoS)

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method. Some WordPress plugins and themes use this dependency though that doesn’t necessarily mean the pl...

Published: May 13, 2022
Patched Release: 1.0.5
Affected Versions: Versions up to 1.0.4
Next Step: Update to 1.0.5 or newer if supported.

Plugin | High | Patched: Yes | CVE-2021-43138
async <= 2.6.3 and 3-3.2.2 - Prototype Pollution

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. Some WordPress plugins and themes use this dependency though that doesn’t necessarily mean the plu...

Published: Apr 07, 2022
Patched Release: 1.0.5
Affected Versions: Versions up to 1.0.4
Next Step: Update to 1.0.5 or newer if supported.

Plugin | High | Patched: Yes
ansi-regex >=2.1.1 <3.0.1 >=4.0.0 <4.1.1 >=5.0.0 <5.0.1 >=6.0.0 <6.0.1 - Regular Expression Denial of Service (ReDoS)

ansi-regex is vulnerable to Inefficient Regular Expression Complexity. Some WordPress plugins and themes use this dependency though that doesn’t necessarily mean the plugin itself is vulnerable to exploitation.

Published: Sep 09, 2021
Patched Release: 1.0.5
Affected Versions: Versions up to 1.0.4
Next Step: Update to 1.0.5 or newer if supported.