Hero Banner Ultimate
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22305 | Med | 0.42 | 6.5 | 0.01 | Jan 7, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through <= 1.4.4. | ||
| CVE-2022-45818 | Med | 0.42 | 6.5 | 0.00 | May 4, 2023 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin <= 1.3.4 versions. |
- risk 0.42cvss 6.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugin Hero Banner Ultimate hero-banner-ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through <= 1.4.4.
- risk 0.42cvss 6.5epss 0.00
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin <= 1.3.4 versions.