VYPR
Vendor

Wpsoul

Products
4
CVEs
14
Across products
14
Status
Private

Products

4

Recent CVEs

14
  • CVE-2025-49301MedJun 6, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows DOM-Based XSS.This issue affects Greenshift: from n/a through <= 11.5.5.

  • CVE-2025-30873MedMar 27, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 11.0.2.

  • CVE-2025-26884MedFeb 25, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 10.8.

  • CVE-2024-51926MedNov 19, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul GreenCon greencon allows Stored XSS.This issue affects GreenCon: from n/a through <= 1.0.1.

  • CVE-2024-44005MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 9.3.7.

  • CVE-2023-6636HigJan 11, 2024
    risk 0.40cvss 7.2epss 0.01

    The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'gspb_save_files' function in versions up to, and including, 7.6.2. This makes it possible for authenticated attackers…

  • CVE-2024-50419MedOct 30, 2024
    risk 0.35cvss 5.4epss 0.00

    Incorrect Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift: from n/a through <= 9.7.

  • CVE-2025-57884MedAug 22, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift: from n/a through <= 12.1.1.

  • CVE-2025-3616Apr 22, 2025
    risk 0.00cvss epss 0.02

    The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_request() function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers,…

  • CVE-2024-6155Jan 9, 2025
    risk 0.00cvss epss 0.00

    The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated (Subscriber+) Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in the…

  • CVE-2024-11181Dec 12, 2024
    risk 0.00cvss epss 0.00

    The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wp_reusable_render' shortcode due to insufficient restrictions on which posts can be included. This makes it…

  • CVE-2024-43943Aug 29, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8.

  • CVE-2024-43942Aug 29, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Query and Meta Addon allows SQL Injection.This issue affects Greenshift Query and Meta Addon: from n/a before 3.9.2.

  • CVE-2024-35765Jun 19, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wpsoul Greenshift – animation and page builder blocks allows Stored XSS.This issue affects Greenshift – animation and page builder blocks: from n/a through 8.8.9.1.