Futuriowp Futurio_extra

7 CVEs affecting Futuriowp Futurio_extra. Latest disclosed: 2024-12-06. Critical: 0, High: 0.

Top CVEs affecting Futuriowp Futurio_extra
CVESeverityScorePublishedSummary
CVE-2024-53802Medium6.52024-12-06Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra futurio-extra allows Stored XSS.T…
CVE-2024-50446Medium6.52024-10-28Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra futurio-extra.This issue affects…
CVE-2023-40201Medium6.52023-10-03Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin.
CVE-2024-5646Medium6.42024-06-11The Futurio Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘header_size’ attribute within the Advanced Text Block widget in al…
CVE-2024-10695Medium4.32024-11-12The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcod…
CVE-2021-25110Medium4.32022-02-14The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address.
CVE-2021-25109Low2.72022-02-14The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from th…