Bellows Accordion Menu
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49242 | Med | 0.42 | 6.5 | 0.00 | Jun 6, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through <= 1.4.3. | ||
| CVE-2023-5164 | Med | 0.42 | 6.4 | 0.00 | Oct 30, 2023 | The Bellows Accordion Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated… |
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sevenspark Bellows Accordion Menu bellows-accordion-menu allows Stored XSS.This issue affects Bellows Accordion Menu: from n/a through <= 1.4.3.
- risk 0.42cvss 6.4epss 0.00
The Bellows Accordion Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated…