Gpriday Siteorigin Widgets Bundle

9 CVEs affecting Gpriday Siteorigin Widgets Bundle. Latest disclosed: 2026-02-18. Critical: 0, High: 0.

Top CVEs affecting Gpriday Siteorigin Widgets Bundle
CVESeverityScorePublishedSummary
CVE-2025-5585Medium6.42025-06-25The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to…
CVE-2024-5901Medium6.42024-07-30The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget in all versions up to, and including…
CVE-2024-5090Medium6.42024-06-11The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to…
CVE-2024-4362Medium6.42024-05-22The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions…
CVE-2024-1723Medium6.42024-03-13The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1…
CVE-2024-1070Medium6.42024-02-29The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the features attribute in all versions up to, and including…
CVE-2024-1058Medium6.42024-02-29The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including…
CVE-2024-0961Medium6.42024-02-05The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the code editor in all versions up to, and including, 1.58…
CVE-2026-2127Medium5.42026-02-18The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to unauthorized arbitrary shortcode execution in all versions up to, and including, 1.70.4. Th…