Approved changes feed: RSS · Atom

cpe:2.3:a:oxilab:accordions:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorOxilab (625ac1bf-21af-5e5d-be4d-6e894fb48ca6)
ProductAccordions (451018fa-3979-5742-a75b-31978baddf95)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-37122 vulnerable 2026-06-08 06:39:46.647740 WordPress Accordions plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Accordions allows Stored XSS.This issue affects Accordions: from n/a through 2.3.5.
Published: 2024-07-22T09:34:27.909Z
Updated: 2026-04-28T16:09:56.300Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-25962 vulnerable 2026-06-08 05:56:11.837452 WordPress Accordions Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)
MEDIUM (5.9)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari Accordion – Multiple Accordion or FAQs Builder plugin <= 2.3.0 versions.
Published: 2023-05-04T12:47:39.051Z
Updated: 2026-04-28T16:08:10.691Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-45082 vulnerable 2026-06-08 05:50:35.588906 WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities
LOW (3.4)
Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.
Published: 2022-11-18T21:59:37.786Z
Updated: 2026-04-28T16:07:52.060Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-38104 vulnerable 2026-06-08 05:47:15.783320 WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability
HIGH (7.2)
Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
Published: 2022-10-21T15:33:17.747Z
Updated: 2026-04-28T16:07:47.094Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-33198 vulnerable 2026-06-08 05:44:46.490352 WordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerability
CRITICAL (9.8)
Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress.
Published: 2022-07-21T17:26:30.629Z
Updated: 2026-04-28T16:07:43.893Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.