CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envatocode’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the onajaxcheckenvatocode function. This makes it possible for...

6.1CVSS6.3AI score0.00969EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:31 a.m.•10 views

CVE-2024-5212

The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘envatocode’ parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the onajaxregisterforumuser function. This makes it possible for...

6.1CVSS6.4AI score0.00843EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:23 a.m.•1 views

CVE-2024-3888

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button shortcode in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00311EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:21 a.m.•3 views

CVE-2024-3814

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'single' module in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.5CVSS6AI score0.00246EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:40 a.m.•6 views

CVE-2023-39166

Cross-Site Request Forgery CSRF vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting XSS.This issue affects tagDiv Composer: from n/a before 4.4...

7.1CVSS7AI score0.00061EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by