VYPR

Filter & Grids

by WordPress

CVEs (3)

  • CVE-2024-6164CriJul 18, 2024
    risk 0.64cvss 9.8epss 0.01

    The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

  • CVE-2024-39664HigNov 1, 2024
    risk 0.47cvss 7.3epss 0.00

    Missing Authorization vulnerability in YMC Filter & Grids allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Filter & Grids: from n/a through 2.8.33.

  • CVE-2024-39665MedAug 1, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2.