Pickplugins Accordion
6 CVEs affecting Pickplugins Accordion. Latest disclosed: 2025-10-22. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32143 | High | 8.8 | 2025-04-11 | Deserialization of Untrusted Data vulnerability in PickPlugins Accordion accordions allows Object Injection.This issue affects Accordion: from n/a through <= 2… |
CVE-2025-53421 | Medium | 6.5 | 2025-10-22 | Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… |
CVE-2025-58678 | Medium | 6.5 | 2025-09-22 | Missing Authorization vulnerability in PickPlugins Accordion accordions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… |
CVE-2024-47342 | Medium | 6.5 | 2024-10-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Accordion accordions allows Stored XSS.This i… |
CVE-2021-24283 | Medium | 5.4 | 2021-05-14 | The tab GET parameter of the settings page is not sanitised or escaped when being output back in an HTML attribute, leading to a reflected XSS issue. |
CVE-2020-13644 | Medium | 5.4 | 2020-05-28 | An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authent… |