Easy Accordion Block
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4487 | Med | 0.35 | 5.4 | 0.01 | Jan 16, 2023 | The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used… | ||
| CVE-2024-51660 | Med | 0.28 | 4.3 | 0.00 | Nov 19, 2024 | Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through <= 1.2.3. |
- risk 0.35cvss 5.4epss 0.01
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through <= 1.2.3.