VYPR

Read More & Accordion

by Read More & Accordion

CVEs (3)

  • CVE-2026-7467HigMay 20, 2026
    risk 0.57cvss 8.8epss 0.00

    The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting which database tables can be written to during import and not properly…

  • CVE-2026-7472MedMay 20, 2026
    risk 0.32cvss 4.9epss 0.00

    The Read More & Accordion plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.5.7. This is due to the use of esc_sql() without surrounding the value in quotes in an ORDER BY clause inside the…

  • CVE-2024-13639MedFeb 13, 2025
    risk 0.21cvss 4.3epss 0.00

    The Read More & Accordion plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the expmDeleteData() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with…