Responsive Plus
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-15488 | Med | 0.42 | 6.5 | 0.00 | Mar 26, 2026 | The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the update_responsive_woo_free_shipping_left_shortcode AJAX action that does not properly validate the content_rech_data parameter before processing it as a shortcode. | ||
| CVE-2025-48335 | Med | 0.35 | 5.4 | 0.00 | Jun 6, 2025 | Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through <= 3.2.0. | ||
| CVE-2025-47486 | Med | 0.34 | 5.3 | 0.00 | May 7, 2025 | Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Plus: from n/a through <= 3.1.9. | ||
| CVE-2025-49856 | Med | 0.28 | 4.3 | 0.00 | Jun 17, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Cross Site Request Forgery.This issue affects Responsive Plus: from n/a through <= 3.2.2. |
- risk 0.42cvss 6.5epss 0.00
The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the update_responsive_woo_free_shipping_left_shortcode AJAX action that does not properly validate the content_rech_data parameter before processing it as a shortcode.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through <= 3.2.0.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Plus: from n/a through <= 3.1.9.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Cross Site Request Forgery.This issue affects Responsive Plus: from n/a through <= 3.2.2.