AMP for WP – Accelerated Mobile Pages

Vulnerabilities 16Slug accelerated-mobile-pagesLatest version 1.1.13WordPress.org →

Minimum safe version

1.1.11

Update to 1.1.11 or later to address 16 fixable vulnerabilities

Latest available1.1.13 ✓

N/A

2026-01-08< 1.1.11

AMP for WP <= 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload

Wordfence CVE

Medium 4.3

2026-01-07< 1.1.10

CVE-2025-14468

CVE Wordfence

Medium 6.1

2024-12-18< 1.1.2

CVE-2024-11254

CVE Wordfence Patchstack

High 8.8

2024-10-25< 1.0.99.2

CVE-2024-9598

CVE Wordfence Patchstack

Medium 6.3

2024-11-01< 1.0.97

CVE-2024-43146

CVE Patchstack Wordfence

Medium 5.4

2024-07-24< 1.0.97

CVE-2024-6896

CVE Patchstack Wordfence

Medium 6.5

2024-02-20< 1.0.93.2

CVE-2024-1043

CVE Wordfence Patchstack WPScan

Medium 6.1

2024-01-23< 1.0.93

CVE-2024-0587

CVE Patchstack Wordfence WPScan

Medium 5.4

2024-12-16< 1.0.92.1

WordPress AMP for WP Plugin <= 1.0.92 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

Medium 6.5

2023-11-30< 1.0.89

CVE-2023-48321

CVE Wordfence Patchstack WPScan

N/A

2018-10-20< 0.9.97.20

AMP for WP <= 0.9.97.19 - Missing Authorization

Wordfence

N/A

< 0.9.97.20

Accelerated Mobile Pages <= 0.9.97.19 - Multiple Unauthenticated Vulnerabilities

WPScan

N/A

2018-11-13< 0.9.97.20

WordPress Accelerated Mobile Pages plugin <= 0.9.97.19 - Multiple Unauthenticated Vulnerabilities

Patchstack

Medium 4.8

2025-10-03< 1.0.77.33

CVE-2021-23209

EUVD CVE Patchstack Wordfence WPScan

Medium 4.8

2025-10-03< 1.0.77.33

CVE-2021-23150

EUVD CVE Patchstack Wordfence WPScan

Medium 5.4

2019-05-13< 0.9.97.21

CVE-2018-20838

CVE Wordfence WPScan