Filtered by vendor Edmonsoft
Subscriptions
Filtered by product Read More \& Accordion
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-13639 | 1 Edmonsoft | 1 Read More \& Accordion | 2025-02-18 | 4.3 Medium |
| The Read More & Accordion plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the expmDeleteData() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary 'read more' posts. | ||||
| CVE-2023-3392 | 1 Edmonsoft | 1 Read More \& Accordion | 2024-11-21 | 7.2 High |
| The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. | ||||
Page 1 of 1.