Kurudrive Vk All In One Expansion Unit
5 CVEs affecting Kurudrive Vk All In One Expansion Unit. Latest disclosed: 2026-02-18. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2093 | Medium | 6.5 | 2024-04-09 | The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social… |
CVE-2025-11737 | Medium | 6.4 | 2026-02-18 | The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'vkExUnit_sns_title' parameter in all versions up to… |
CVE-2025-11267 | Medium | 6.4 | 2025-11-18 | The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_veu_custom_css' parameter in all versions up to, a… |
CVE-2025-11265 | Medium | 6.4 | 2025-11-18 | The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'vkExUnit_cta_url' and 'vkExUnit_cta_button_text' pa… |
CVE-2024-2170 | Medium | 6.4 | 2024-03-26 | The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the child page index widget in all versions up to, and i… |