Averta Shortcodes And Extra Features For Phlox Theme — known CVE vulnerabilities
Every CVE whose affected-product data names Averta Shortcodes And Extra Features For Phlox Theme, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2022-3359 — CVSS 8.8 (high): The Shortcodes and extra features for Phlox theme WordPress plugin before 2.10.7 unserializes the content of an imported file, which could…
CVE-2023-37888 — CVSS 7.6 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in By Averta Shortcodes and extra features for…
CVE-2023-7064 — CVSS 7.5 (high): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and…
CVE-2023-50368 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Shortcodes and extra features…
CVE-2024-1396 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’…
CVE-2024-1533 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML Element in…
CVE-2024-31099 — CVSS 6.4 (medium): Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.This issue affects Shortcodes…
CVE-2024-3341 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's…
CVE-2024-3517 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion…
CVE-2024-9545 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's…
CVE-2024-12588 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Staff…
CVE-2024-1348 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS…
CVE-2024-1357 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's…
CVE-2024-8486 — CVSS 6.4 (medium): The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’…
CVE-2022-1910 — CVSS 6.1 (medium): The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it…
CVE-2024-50500 — CVSS 4.3 (medium): Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly…