VYPR
Vendor

Wponlinesupport

Products
5
CVEs
4
Across products
4
Status
Private

Products

5

Recent CVEs

4
  • CVE-2024-43232HigAug 19, 2024
    risk 0.55cvss 8.5epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP OnlineSupport, Essential Plugin Timeline and History slider allows PHP Local File Inclusion.This issue affects Timeline and History slider: from n/a through 2.3.

  • CVE-2023-5334MedOct 3, 2023
    risk 0.42cvss 6.4epss 0.00

    The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sp_responsiveslider' shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2023-38516MedSep 3, 2023
    risk 0.42cvss 6.5epss 0.00

    Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Audio Player with Playlist Ultimate plugin <= 1.2.2 versions.

  • CVE-2024-32601MedApr 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8.