Addonmaster Post Grid Master — known CVE vulnerabilities
Every CVE whose affected-product data names Addonmaster Post Grid Master, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-11642 — CVSS 9.8 (critical): The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode…
CVE-2024-43156 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AddonMaster Post Grid Master…
CVE-2024-34390 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonMaster Post Grid Master allows…
CVE-2025-24733 — CVSS 6.5 (medium): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Akhtarujjaman…
CVE-2025-5084 — CVSS 6.1 (medium): The Post Grid Master plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘argsArray['read_more_text']’…
CVE-2024-34372 — CVSS 5.3 (medium): Missing Authorization vulnerability in AddonMaster Post Grid Master.This issue affects Post Grid Master: from n/a through 3.4.7.
CVE-2025-30974 — CVSS 4.3 (medium): Missing Authorization vulnerability in Akhtarujjaman Shuvo Post Grid Master ajax-filter-posts allows Exploiting Incorrectly Configured…