Siteorigin Siteorigin_widgets_bundle

10 CVEs affecting Siteorigin Siteorigin_widgets_bundle. Latest disclosed: 2025-06-25. Critical: 0, High: 1.

Top CVEs affecting Siteorigin Siteorigin_widgets_bundle
CVESeverityScorePublishedSummary
CVE-2023-6295High7.22023-12-18The SiteOrigin Widgets Bundle WordPress plugin before 1.51.0 does not validate user input before using it to generate paths passed to include function/s, allow…
CVE-2025-5585Medium6.42025-06-25The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to…
CVE-2024-5901Medium6.42024-07-30The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget in all versions up to, and including…
CVE-2024-5090Medium6.42024-06-11The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SiteOrigin Blog Widget in all versions up to…
CVE-2024-4362Medium6.42024-05-22The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions…
CVE-2024-1723Medium6.42024-03-13The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1…
CVE-2024-1070Medium6.42024-02-29The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the features attribute in all versions up to, and including…
CVE-2024-1058Medium6.42024-02-29The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including…
CVE-2024-0961Medium6.42024-02-05The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the code editor in all versions up to, and including, 1.58…
CVE-2024-54268Medium4.32024-12-13Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Se…