Filter
-Infinity
0

Trending

Last week
Last month
Last year

KingComposertagDiv Composer <= 5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

medium
6.4
EPSS
0.03%
First published (updated )
CVE-2025-3510

tagDiv Opt-In BuildertagDiv Opt-In Builder <= 1.7 - Authenticated (Subscriber+) SQL Injection via subscriptionCouponId Parameter

medium
6.5
First published (updated )
CVE-2025-2890

KingComposerTagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object Instantiation

critical
9.8
First published (updated )
CVE-2024-13645

KingComposertagDiv Composer <= 5.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

medium
6.1
First published (updated )
CVE-2025-1705

KingComposertagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'account_id' and 'account_username'

medium
6.1
EPSS
0.06%
First published (updated )
CVE-2025-2804

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tagdiv ComposertagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]

medium
6.1
First published (updated )
CVE-2024-5212

Tagdiv ComposertagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]

medium
6.1
First published (updated )
CVE-2024-3886

Tagdiv ComposertagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode

high
8.8
First published (updated )
CVE-2024-3813

Tagdiv NewspaperNewspaper <= 12.6.5 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

medium
5.5
First published (updated )
CVE-2024-3815

Tagdiv ComposertagDiv Composer <= 4.8 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

medium
5.5
First published (updated )
CVE-2024-3814

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

KingComposertagDiv Composer <= 4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via button Shortcode

medium
6.4
EPSS
0.04%
First published (updated )
CVE-2024-3888

Tagdiv ComposerWordPress tagDiv Composer Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)

high
7.1
First published (updated )
CVE-2023-39166

Tagdiv ComposertagDiv Composer < 4.2 - Admin+ Stored XSS

medium
4.8
First published (updated )
CVE-2023-3170

Tagdiv ComposertagDiv Composer < 4.2 - Unauthenticated Stored XSS

medium
6.1
First published (updated )
CVE-2023-3169

tagDiv Cloud LibrarytagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation

high
8.8
First published (updated )
CVE-2023-1597

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

tagDiv ComposertagDiv Composer < 4.0 - Reflected Cross-site Scripting

medium
6.1
First published (updated )
CVE-2023-1596

Tagdiv NewspaperNewspaper < 12 - Reflected Cross-Site Scripting

medium
6.1
First published (updated )
CVE-2022-2167

Tagdiv NewspaperNewspaper < 12 - Reflected Cross-Site Scripting

medium
6.1
First published (updated )
CVE-2022-2627

NewsmagNewsmag < 5.0 - Unauthenticated Reflected Cross-site Scripting (XSS)

medium
6.1
First published (updated )
CVE-2021-24304

Tagdiv NewspaperXSS

medium
6.1
First published (updated )
CVE-2021-3135

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tagdiv NewspaperThe newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_upda…

critical
9.8
First published (updated )
CVE-2016-10972

Tagdiv NewspaperThe newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax…

critical
9.8
First published (updated )
CVE-2017-18634

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203