Wpwax Post Grid, Slider & Carousel Ultimate — known CVE vulnerabilities
Every CVE whose affected-product data names Wpwax Post Grid, Slider & Carousel Ultimate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-2006 — CVSS 8.8 (high): The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to PHP…
CVE-2024-13409 — CVSS 7.5 (high): The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to…
CVE-2024-29925 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider & Carousel…
CVE-2025-24782 — CVSS 6.5 (medium): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Post Grid…
CVE-2022-1266 — CVSS 4.8 (medium): The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow…