Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13639 | 1 Edmonsoft | 1 Read More \& Accordion | 2025-02-18 | N/A | 4.3 MEDIUM |
| The Read More & Accordion plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the expmDeleteData() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary 'read more' posts. | |||||
| CVE-2023-3392 | 1 Edmonsoft | 1 Read More \& Accordion | 2024-11-21 | N/A | 7.2 HIGH |
| The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. | |||||