Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPZOOM — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting WPZOOM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WPZOOM:WPZOOM Addons for Beaver BuilderWPZOOM Addons for Elementor – Starter Templates & WidgetsRecipe Card Blocks for Gutenberg & ElementorWPZOOM ShortcodesBeaver Builder Addons by WPZOOMWPZOOM Social Feed Widget & BlockWPZOOM Addons for Elementor (Templates, Widgets)Social Icons Widget & Block by WPZOOMWPZOOM Portfolio Lite – Filterable Portfolio PluginInspiroWPZOOM Addons for ElementorSocial Icons Widget & Block – Social Media Icons & Share Buttons
CVE IDTitleCVSSSeverityPublished
CVE-2026-4063 Social Icons Widget & Block <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation — Social Icons Widget & Block – Social Media Icons & Share ButtonsCWE-862 4.3 Medium2026-03-13
CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more — WPZOOM Addons for Elementor – Starter Templates & WidgetsCWE-200 5.3 Medium2026-02-11
CVE-2025-67951 WordPress WPZOOM Addons for Elementor plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability — WPZOOM Addons for ElementorCWE-79 6.1AIMediumAI2025-12-16
CVE-2025-62019 WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerability — Recipe Card Blocks for Gutenberg & ElementorCWE-862 7.5AIHighAI2025-10-22
CVE-2025-8592 Inspiro <= 2.1.2 - Cross-Site Request Forgery to Arbitrary Plugin Installation — InspiroCWE-352 8.1 High2025-08-21
CVE-2025-26983 WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.3 - Broken Access Control vulnerability — Recipe Card Blocks for Gutenberg & ElementorCWE-862 4.3 Medium2025-02-25
CVE-2024-30424 WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability — Beaver Builder Addons by WPZOOMCWE-79 6.5 Medium2024-11-19
CVE-2024-43293 WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.3.1 - Broken Access Control vulnerability — Recipe Card Blocks for Gutenberg & ElementorCWE-862 4.3 Medium2024-11-01
CVE-2024-9027 WPZOOM Shortcodes <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via box Shortcode — WPZOOM ShortcodesCWE-79 6.4 Medium2024-09-25
CVE-2024-8276 WPZOOM Portfolio Lite – Filterable Portfolio Plugin <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute — WPZOOM Portfolio Lite – Filterable Portfolio PluginCWE-79 6.4 Medium2024-08-31
CVE-2024-37464 WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.5 - Local File Inclusion vulnerability — Beaver Builder Addons by WPZOOMCWE-22 4.9 Medium2024-07-09
CVE-2024-5686 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget — WPZOOM Addons for Elementor – Starter Templates & WidgetsCWE-79 6.4 Medium2024-06-20
CVE-2024-30464 WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability — Social Icons Widget & Block by WPZOOMCWE-862 5.4 Medium2024-06-09
CVE-2024-5147 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File Inclusion — WPZOOM Addons for Elementor – Starter Templates & WidgetsCWE-22 9.8 Critical2024-05-22
CVE-2024-4370 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget — WPZOOM Addons for Elementor – Starter Templates & WidgetsCWE-79 6.4 Medium2024-05-14
CVE-2024-33539 WordPress WPZOOM Addons for Elementor plugin <= 1.1.35 - Cross Site Scripting (XSS) vulnerability — WPZOOM Addons for Elementor (Templates, Widgets)CWE-79 6.5 Medium2024-04-29
CVE-2024-3662 WPZOOM Social Feed Widget & Block <= 2.1.13 - Missing Authorization to Authenticated (Subscriber+) Instagram Image Deletion — WPZOOM Social Feed Widget & BlockCWE-862 4.3 Medium2024-04-13
CVE-2024-2183 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget — WPZOOM Addons for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-2186 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget — WPZOOM Addons for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-2181 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget — WPZOOM Addons for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-2185 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget — WPZOOM Addons for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-2187 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget — WPZOOM Addons for Beaver BuilderCWE-79 6.4 Medium2024-04-09
CVE-2024-22162 WordPress WPZOOM Shortcodes plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability — WPZOOM ShortcodesCWE-79 7.1 High2024-01-31

This page lists every published CVE security advisory associated with WPZOOM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.