HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-40211

CVSS 7.5v3.1pub. 2023-11-30upd. 2026-04-28

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Pickplugins Post Grid Combo

    APP
    Pickplugins
    < 2.2.51
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-7072HIGH7.5ten sam produkt

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposur...

CVE-2023-6645MEDIUM6.4ten sam produkt

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...

CVE-2022-4693CRITICAL9.8ten sam vendor

The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To...

CVE-2024-13408HIGH7.5ten sam vendor

The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for Word...

CVE-2021-4450HIGH8.8ten sam vendor

The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, a...