Futuriowp Futurio_extra
7 CVEs affecting Futuriowp Futurio_extra. Latest disclosed: 2024-12-06. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-53802 | Medium | 6.5 | 2024-12-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra futurio-extra allows Stored XSS.T… |
CVE-2024-50446 | Medium | 6.5 | 2024-10-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra futurio-extra.This issue affects… |
CVE-2023-40201 | Medium | 6.5 | 2023-10-03 | Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin. |
CVE-2024-5646 | Medium | 6.4 | 2024-06-11 | The Futurio Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘header_size’ attribute within the Advanced Text Block widget in al… |
CVE-2024-10695 | Medium | 4.3 | 2024-11-12 | The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcod… |
CVE-2021-25110 | Medium | 4.3 | 2022-02-14 | The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. |
CVE-2021-25109 | Low | 2.7 | 2022-02-14 | The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from th… |