| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-2543 | Advanced Accordion Gutenberg Block <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | spiderdevs | Advanced Accordion Gutenberg Block – Create Beautiful FAQs, Content Accordions & Interactive Tabs | Medium | 6.4 | 2025-04-24 08:23:49 | Deep Dive |
| CVE-2025-32143 | WordPress Accordion plugin <= 2.3.11 - PHP Object Injection vulnerability | PickPlugins | Accordion | High | 8.8 | 2025-04-11 08:42:51 | Deep Dive |
| CVE-2025-0810 | Read More & Accordion <= 3.4.7 - Cross-Site Request Forgery to Local File Inclusion | edmonparker | Read More & Accordion | High | 7.5 | 2025-04-05 01:44:44 | Deep Dive |
| CVE-2025-31621 | WordPress byBrick Accordion plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | davidpaulsson | byBrick Accordion | Medium | 6.5 | 2025-03-31 12:55:44 | Deep Dive |
| CVE-2024-13639 | Read More & Accordion <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary 'Read More' Post Deletion | edmonparker | Read More & Accordion | Medium | 4.3 | 2025-02-13 08:21:24 | Deep Dive |
| CVE-2024-13458 | WordPress SEO Friendly Accordion FAQ with AI assisted content generation <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | qchantelnotice | WordPress SEO Friendly Accordion FAQ with AI assisted content generation | Medium | 6.4 | 2025-01-25 07:24:16 | Deep Dive |
| CVE-2024-11892 | Accordion Slider Lite <= 1.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | bqworks | Accordion Slider Lite | Medium | 6.4 | 2025-01-11 07:21:54 | Deep Dive |
| CVE-2024-11874 | Grid Accordion Lite <= 1.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | bqworks | Grid Accordion Lite | Medium | 6.4 | 2025-01-11 07:21:52 | Deep Dive |
| CVE-2023-40331 | WordPress Accordion Slider plugin <= 1.9.6 - Broken Access Control vulnerability | bqworks | Accordion Slider | Medium | 4.3 | 2024-12-13 14:24:07 | Deep Dive |
| CVE-2023-39996 | WordPress Accordion and Accordion Slider plugin <= 1.2.4 - Broken Access Control | WP OnlineSupport, Essential Plugin | Accordion and Accordion Slider | Medium | 5.3 | 2024-12-13 14:24:00 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-51797 | WordPress Ultimate Accordion plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Md. Shiddikur Rahman | Ultimate Accordion | Medium | 6.5 | 2024-11-19 16:32:00 | Deep Dive |
| CVE-2024-51660 | WordPress Easy Accordion Gutenberg Block plugin <= 1.2.3 - Broken Access Control vulnerability | Binsaifullah | Easy Accordion Gutenberg Block | Medium | 4.3 | 2024-11-19 16:30:38 | Deep Dive |
| CVE-2024-51685 | WordPress Accordion title for Elementor plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability | Michael Gangolf | Accordion title for Elementor | Medium | 5.9 | 2024-11-04 14:10:59 | Deep Dive |
| CVE-2024-9582 | Accordion Slider <= 1.9.11 - Authenticted (Contributor+) Stored Cross-Site Scripting via HTML Attribute | bqworks | Accordion Slider | Medium | 6.4 | 2024-10-16 06:43:37 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-47342 | WordPress Accordion plugin <= 2.2.99 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Accordion | Medium | 6.5 | 2024-10-06 10:48:09 | Deep Dive |
| CVE-2024-8092 | Accordion Image Menu <= 3.1.3 - Stored XSS via CSRF | Unknown | Accordion Image Menu | 中危 | - | 2024-09-17 06:00:06 | Deep Dive |
| CVE-2024-5669 | XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | happydevs | Happy WooCommerce FAQs – Ultimate Product FAQ Plugin | Medium | 6.4 | 2024-07-09 08:33:12 | Deep Dive |
| CVE-2024-5704 | XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update | happydevs | Happy WooCommerce FAQs – Ultimate Product FAQ Plugin | Medium | 4.3 | 2024-07-09 08:33:03 | Deep Dive |