G5theme Grid Plus – Unlimited Grid Layout
4 CVEs affecting G5theme Grid Plus – Unlimited Grid Layout. Latest disclosed: 2024-12-12. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-5250 | High | 8.8 | 2023-10-30 | The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.3 via a shortcode attribute. This allows subscri… |
CVE-2024-10910 | High | 7.3 | 2024-12-12 | The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via grid_plus_load_by_category AJAX action in all… |
CVE-2023-46209 | High | 7.1 | 2023-10-27 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in G5Theme Grid Plus – Unlimited grid plugin <= 1.3.2 versions. |
CVE-2023-5251 | Medium | 5.4 | 2023-10-30 | The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'grid_plus_save… |