Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-19	CVE-2024-30424	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Stored XSS.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.4. network low complexity wpzoom CWE-79	5.4
2024-09-25	CVE-2024-9027	Cross-site Scripting vulnerability in Wpzoom Shortcodes The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity wpzoom CWE-79	5.4
2024-08-31	CVE-2024-8276	Cross-site Scripting vulnerability in Wpzoom Portfolio The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-07-09	CVE-2024-37464	Unspecified vulnerability in Wpzoom Beaver Builder Addons Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Path Traversal.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.5. network low complexity wpzoom	4.9
2024-06-20	CVE-2024-5686	Cross-site Scripting vulnerability in Wpzoom Addons for Elementor The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Team Members widget in all versions up to, and including, 1.1.38 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-04-09	CVE-2024-2181	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-04-09	CVE-2024-2183	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-04-09	CVE-2024-2185	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-04-09	CVE-2024-2186	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Members widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4
2024-04-09	CVE-2024-2187	Cross-site Scripting vulnerability in Wpzoom Beaver Builder Addons The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. network low complexity wpzoom CWE-79	5.4