Known Vulnerabilities for Image Widget by StellarWP
Listed below are 8 of the newest known vulnerabilities associated with "Image Widget" by "StellarWP".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45012 json | ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 contain an authenticat... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-45011 json | ApostropheCMS is an open-source Node.js content management system. Version 4.29.0 has a stored cross-site scripting vulnerabi... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-42643 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP Image Widget ... | Not Provided | 2026-04-29 | 2026-04-29 |
| CVE-2026-13710 json | The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulner... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-5428 json | The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image captions in the Image ... | Not Provided | 2026-04-24 | 2026-04-24 |
| CVE-2025-58858 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBean WPB Image Widget... | Not Provided | 2025-09-05 | 2026-04-23 |
| CVE-2025-15665 json | The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider ... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2024-32707 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Image Slider W... | Not Provided | 2024-04-24 | 2026-04-28 |