| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2006 | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.7 - Authenticated (Contributor+) PHP Object Injection in outpost_shortcode_metabox_markup | wpwax | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget | High | 8.8 | 2024-03-13 15:27:04 | Deep Dive |
| CVE-2023-7072 | Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.68 - Information Exposure via get_posts API Endpoint | pickplugins | Post Grid | High | 7.5 | 2024-03-12 22:32:27 | Deep Dive |
| CVE-2023-6645 | Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.64 - Authenticated (Contributor+) Cross-Site Scripting | pickplugins | Post Grid | Medium | 6.4 | 2024-01-11 08:32:50 | Deep Dive |
| CVE-2023-5815 | News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Remote Code Execution via Local File Inclusion | infornweb | Blog Designer Pack – Blog, Post Grid, Post Slider, Post Carousel, Category Post, News | High | 8.1 | 2023-11-22 15:33:22 | Deep Dive |
| CVE-2023-0097 | Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS | Unknown | Post Grid, Post Carousel, & List Category Posts | 中危 | - | 2023-01-30 20:31:48 | Deep Dive |
| CVE-2022-1266 | Post Grid, Slider & Carousel Ultimate < 1.5.0 - Admin+ Stored XSS | Unknown | Post Grid, Slider & Carousel Ultimate | 中危 | - | 2022-06-20 10:25:48 | Deep Dive |