Known Vulnerabilities for products from Shapedplugin
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Shapedplugin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-58228 | Not Provided | 2025-09-22 | 2026-04-01 | |
| CVE-2025-48134 | Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC WP Tabs wp-expand-tabs-free allows Object Injection.This ... | Not Provided | 2025-05-16 | 2026-04-01 |
| CVE-2025-22269 | Not Provided | 2025-04-15 | 2026-04-01 | |
| CVE-2023-25065 | Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.... | 8.8 - HIGH | 2023-02-14 | 2023-11-07 |
| CVE-2023-0537 | The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode att... | 5.4 - MEDIUM | 2023-05-08 | 2023-11-07 |
| CVE-2023-0360 | The Location Weather WordPress plugin before 1.3.4 does not validate and escape some of its block options before outputting t... | 5.4 - MEDIUM | 2023-02-13 | 2023-11-07 |
| CVE-2023-0097 | The Post Grid, Post Carousel, & List Category Posts WordPress plugin before 2.4.19 does not validate and escape some of its b... | 5.4 - MEDIUM | 2023-01-30 | 2023-11-07 |
| CVE-2023-0071 | The WP Tabs WordPress plugin before 2.1.17 does not validate and escape some of its shortcode attributes before outputting th... | 5.4 - MEDIUM | 2023-01-30 | 2023-11-07 |
| CVE-2022-4648 | The Real Testimonials WordPress plugin before 2.6.0 does not validate and escape some of its shortcode attributes before outp... | 5.4 - MEDIUM | 2023-01-16 | 2023-11-07 |
| CVE-2022-4629 | The Product Slider for WooCommerce WordPress plugin before 2.6.4 does not validate and escape some of its shortcode attribute... | 5.4 - MEDIUM | 2023-01-23 | 2023-11-07 |
| CVE-2022-2382 | The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its... | 4.3 - MEDIUM | 2022-08-22 | 2023-06-30 |
| CVE-2021-24739 | The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrar... | 8.1 - HIGH | 2021-12-21 | 2022-11-09 |
| CVE-2021-24738 | The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could a... | 5.4 - MEDIUM | 2021-12-21 | 2021-12-27 |