Known Vulnerabilities for products from WpWax
Listed below are 19 of the newest known vulnerabilities associated with the vendor "WpWax".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39509 json | Not Provided | 2026-04-08 | 2026-04-13 | |
| CVE-2026-22460 json | Not Provided | 2026-03-05 | 2026-04-23 | |
| CVE-2025-68069 json | Not Provided | 2026-02-20 | 2026-04-27 | |
| CVE-2025-66077 json | Not Provided | 2025-11-21 | 2026-04-27 | |
| CVE-2025-64250 json | Not Provided | 2025-12-16 | 2026-04-27 | |
| CVE-2025-48242 json | Not Provided | 2025-05-19 | 2026-04-23 | |
| CVE-2025-39525 json | Not Provided | 2025-04-16 | 2026-04-23 | |
| CVE-2025-32658 json | Not Provided | 2025-04-17 | 2026-04-23 | |
| CVE-2025-32499 json | Not Provided | 2025-04-09 | 2026-04-23 | |
| CVE-2025-31857 json | Not Provided | 2025-04-01 | 2026-04-23 | |
| CVE-2025-24782 json | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWa... | Not Provided | 2025-01-27 | 2026-04-23 |
| CVE-2024-29925 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider... | Not Provided | 2024-03-27 | 2026-04-28 |
| CVE-2024-2006 json | The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vuln... | Not Provided | 2024-03-13 | 2026-04-08 |
| CVE-2024-1950 json | The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all... | Not Provided | 2024-03-13 | 2026-04-08 |
| CVE-2024-1322 json | The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to un... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2023-50886 json | Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerability in wpWax Legal Pages.This issue affects Legal Pages:... | Not Provided | 2024-03-15 | 2026-04-28 |
| CVE-2023-41798 json | Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist – WordPress Business Directory... | Not Provided | 2023-11-07 | 2026-04-28 |
| CVE-2023-2252 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 2.7 - LOW | 2024-01-16 | 2024-01-23 |
| CVE-2023-1889 json | The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7... | Not Provided | 2023-06-09 | 2026-04-08 |
| CVE-2023-1888 json | The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.... | Not Provided | 2023-06-09 | 2026-04-08 |