Vendor

wpoperations

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-39387	wpoperations Opstore	Hig	0.49	7.5	0.01	Apr 24, 2025	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through <= 1.4.5.
CVE-2025-32921	wpoperations Arrival	Hig	0.49	7.5	0.01	Apr 24, 2025	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Arrival arrival allows PHP Local File Inclusion.This issue affects Arrival: from n/a through <= 1.4.5.
CVE-2025-31823	wpoperations WPoperation Elementor Addons	Med	0.42	6.5	0.00	Apr 1, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through <= 1.1.9.
CVE-2024-24803	wpoperations Ultra Companion	Med	0.42	6.5	0.00	Feb 10, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPoperation Ultra Companion – Companion plugin for WPoperation Themes allows Stored XSS.This issue affects Ultra Companion – Companion plugin for WPoperation Themes: from…

CVE-2025-39387HigApr 24, 2025
wpoperations
Opstore
risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through <= 1.4.5.
CVE-2025-32921HigApr 24, 2025
wpoperations
Arrival
risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Arrival arrival allows PHP Local File Inclusion.This issue affects Arrival: from n/a through <= 1.4.5.
CVE-2025-31823MedApr 1, 2025
wpoperations
WPoperation Elementor Addons
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpoperations WPoperation Elementor Addons wpop-elementor-addons allows Stored XSS.This issue affects WPoperation Elementor Addons: from n/a through <= 1.1.9.
CVE-2024-24803MedFeb 10, 2024
wpoperations
Ultra Companion
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPoperation Ultra Companion – Companion plugin for WPoperation Themes allows Stored XSS.This issue affects Ultra Companion – Companion plugin for WPoperation Themes: from…