VYPR
Vendor

Biplob018

Products
5
CVEs
11
Across products
11
Status
Private

Products

5

Recent CVEs

11
  • CVE-2024-51763HigNov 9, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biplob018 Team Showcase and Slider – Team Members Builder team-showcase-ultimate allows Reflected XSS.This issue affects Team Showcase and Slider – Team Members Builder:…

  • CVE-2025-22585MedJan 7, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Ultimate Image Hover Effects ultimate-image-hover-effects allows DOM-Based XSS.This issue affects Ultimate Image Hover Effects: from n/a through <= 1.1.2.

  • CVE-2024-5001MedJun 6, 2024
    risk 0.42cvss 6.4epss 0.00

    The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_id', 'oxi_addons_f_title_tag', and 'content_description_tag' parameters in all versions up to, and including, 3.0.2 due to insufficient…

  • CVE-2022-34487Jul 21, 2022
    risk 0.04cvss epss 0.03

    Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress.

  • CVE-2024-37121Jul 22, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5.

  • CVE-2024-37546Jul 6, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2.

  • CVE-2022-4207Dec 13, 2022
    risk 0.00cvss epss 0.01

    The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2022-2937Sep 23, 2022
    risk 0.00cvss epss 0.00

    The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title & Description values that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This…

  • CVE-2022-2935Sep 6, 2022
    risk 0.00cvss epss 0.00

    The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Media Image URL value that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2022-2936Sep 6, 2022
    risk 0.00cvss epss 0.00

    The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Video Link values that can be added to an Image Hover in versions up to, and including, 9.7.3 due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2022-33970Jul 27, 2022
    risk 0.00cvss epss 0.01

    Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.