Known Vulnerabilities for products from Essentialplugin
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Essentialplugin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-4194 json | The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all vers... | Not Provided | 2024-06-06 | 2026-04-08 |
| CVE-2023-38516 json | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Audio Player with ... | 5.4 - MEDIUM | 2023-09-03 | 2023-09-08 |
| CVE-2022-45818 json | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultima... | 5.4 - MEDIUM | 2023-05-04 | 2023-05-08 |
| CVE-2022-38077 json | Cross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup an... | 8.8 - HIGH | 2023-03-29 | 2023-11-07 |
| CVE-2022-4824 json | The WP Blog and Widgets WordPress plugin before 2.3.1 does not validate and escape some of its shortcode attributes before ou... | 5.4 - MEDIUM | 2023-02-06 | 2023-11-07 |
| CVE-2022-4791 json | The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of... | 5.4 - MEDIUM | 2023-02-21 | 2023-11-07 |
| CVE-2022-4747 json | The Post Category Image With Grid and Slider WordPress plugin before 1.4.8 does not validate and escape some of its shortcode... | 5.4 - MEDIUM | 2023-02-06 | 2023-11-07 |
| CVE-2022-2115 json | The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a fron... | 6.1 - MEDIUM | 2022-07-25 | 2022-07-29 |
| CVE-2021-24883 json | The Popup Anything WordPress plugin before 2.0.4 does not escape the Link Text and Button Text fields of Popup, which could a... | 5.4 - MEDIUM | 2021-11-29 | 2021-11-30 |