S-sols Seraphinite Accelerator — known CVE vulnerabilities
Every CVE whose affected-product data names S-sols Seraphinite Accelerator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-49740 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite…
CVE-2024-1568 — CVSS 6.4 (medium): The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52…
CVE-2023-5609 — CVSS 6.1 (medium): The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page…
CVE-2023-5610 — CVSS 5.4 (medium): The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an…
CVE-2023-5611 — CVSS 5.3 (medium): The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its…
CVE-2026-3058 — CVSS 4.3 (medium): The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including…