CVE-2024-34372

CVE-2024-34372 is a Missing Authorization vulnerability in the Post Grid Master (AddonMaster) plugin, affecting Post Grid Master versions up to 3.4.7. Public records from Red Hat and Wordfence corroborate the issue as Missing Authorization with a CVSS v3.1 base score of 5.3 (Medium). The Patch st...

CVE-2024-34390

CVE-2024-34390 is a stored XSS in WordPress plugin Post Grid Master (Ajax Filter Everything) that affects Post Grid Master versions up to 3.4.8 (and from n/a through 3.4.8). The issue arises from improper input neutralization during web page generation. The vulnerability has a CVSS v3.1 base scor...

CVE-2025-24733

CVE-2025-24733 — WordPress Post Grid Master plugin

CVE-2024-11642

CVE-2024-11642 – The WordPress plugin “Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder” is affected by an unauthenticated Local File Inclusion via locate_template in all versions up to 3.4.12. The vulnerabil...

CVE-2024-43156

CVE-2024-43156 is a reflected XSS in Post Grid Master (AddonMaster Post Grid Master). The vulnerability arises from improper neutralization of input during web page generation and affects Post Grid Master versions from n/a up to 3.4.10. The CVE entry is marked as patched; remediation is to upgrad...

CVE-2025-30974

CVE-2025-30974 is a Missing Authorization vulnerability in the WordPress plugin Post Grid Master . The issue arises from incorrectly configured access control levels, enabling unauthorized users to exploit restricted actions. Affected versions are Post Grid Master

CVE-2025-5084

CVE-2025-5084 affects the WordPress plugin Post Grid Master (versions up to 3.4.13). The issue is a Reflected Cross-Site Scripting vulnerability via the argsArray['read_more_text'] parameter caused by insufficient input sanitization and output escaping, enabling unauthenticated attackers to injec...