Pickplugins Post_grid

14 CVEs affecting Pickplugins Post_grid. Latest disclosed: 2025-05-15. Critical: 0, High: 7.

Top CVEs affecting Pickplugins Post_grid
CVESeverityScorePublishedSummary
CVE-2021-4450High8.82024-10-16The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, and including, 2.1.12 due to insufficient escaping…
CVE-2024-8253High8.82024-09-11The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in all versions 2.2.87 to 2.2.90. This is due to the plugin not p…
CVE-2024-13408High7.52025-01-24The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in al…
CVE-2020-35939High7.52021-01-01PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP obje…
CVE-2020-35938High7.52021-01-01PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects d…
CVE-2020-35937High7.52021-01-01Stored Cross-Site Scripting (XSS) vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to import layou…
CVE-2020-35936High7.52021-01-01Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to import layouts in…
CVE-2024-1988Medium6.42024-06-07The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site S…
CVE-2022-0447Medium6.42022-04-11The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the post_types parameter before outputting it back in the response of the post_grid_u…
CVE-2021-24986Medium6.12022-04-11The Post Grid WordPress plugin before 2.1.16 does not escape the keyword parameter before outputting it back in an attribute, leading to a Reflected Cross-Site…
CVE-2021-24488Medium6.12021-08-02The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back…
CVE-2024-9645Medium5.42025-05-15The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options be…
CVE-2024-0881Medium5.42024-04-11The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not have proper authorization, resu…
CVE-2024-13796Medium5.32025-02-28The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3…