Wpwax Post_grid\,_slider_\&_carousel_ultimate
5 CVEs affecting Wpwax Post_grid\,_slider_\&_carousel_ultimate. Latest disclosed: 2025-01-27. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2006 | High | 8.8 | 2024-03-13 | The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to PHP Object Injection in al… |
CVE-2024-13409 | High | 7.5 | 2025-01-24 | The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in al… |
CVE-2025-24782 | Medium | 6.5 | 2025-01-27 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Post Grid, Slider & Carousel Ult… |
CVE-2024-29925 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows Stored… |
CVE-2022-1266 | Medium | 4.8 | 2022-06-20 | The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users t… |