VYPR

Ultimate Post Kit

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-24362MedMar 25, 2026
    risk 0.42cvss 6.4epss 0.00

    Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through <= 4.0.21.

  • CVE-2024-5662MedJun 28, 2024
    risk 0.35cvss 6.4epss 0.00

    The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static)…