Averta Shortcodes And Extra Features For Phlox Theme
17 CVEs affecting Averta Shortcodes And Extra Features For Phlox Theme. Latest disclosed: 2026-01-10. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-7064 | High | 7.5 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.17.5 via d… |
CVE-2023-50368 | Medium | 6.5 | 2023-12-14 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Shortcodes and extra features for Phlox theme allo… |
CVE-2025-12379 | Medium | 6.4 | 2026-01-10 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a combination of the 'tag' and ‘title_t… |
CVE-2024-9545 | Medium | 6.4 | 2024-12-21 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aux_contact_box and aux_gm… |
CVE-2024-12588 | Medium | 6.4 | 2024-12-21 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Staff widget in all versio… |
CVE-2024-8486 | Medium | 6.4 | 2024-10-05 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Headi… |
CVE-2024-3517 | Medium | 6.4 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion Widget in all versions up… |
CVE-2024-3341 | Medium | 6.4 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_gmaps' shortcode in a… |
CVE-2024-1533 | Medium | 6.4 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML Element in all versions up to… |
CVE-2024-1396 | Medium | 6.4 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versio… |
CVE-2024-1348 | Medium | 6.4 | 2024-05-02 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions… |
CVE-2024-1357 | Medium | 6.4 | 2024-04-16 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aux_timeline shortcode in… |
CVE-2024-31099 | Medium | 6.4 | 2024-04-01 | Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.This issue affects Shortcodes and extra features for… |
CVE-2025-13215 | Medium | 5.3 | 2026-01-06 | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.17.13 via… |
CVE-2025-63071 | Medium | 5.3 | 2025-12-09 | Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded… |
CVE-2025-69016 | Medium | 4.3 | 2025-12-30 | Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Cont… |
CVE-2024-50500 | Medium | 4.3 | 2025-02-03 | Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Cont… |