Drop Shadow Boxes

Vulnerabilities 11Slug drop-shadow-boxesLatest version 1.7.15WordPress.org →

Minimum safe version

1.7.15

Update to 1.7.15 or later to address 11 fixable vulnerabilities

Latest available1.7.15 ✓

Medium 6.3

2024-11-16< 1.7.15

CVE-2024-10262

CVE Wordfence Patchstack

Medium 6.3

2024-10-16< 1.7.5

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 5.4

2023-11-22< 1.7.14

CVE-2023-5469

CVE Wordfence Patchstack WPScan

N/A

2023-07-18< 1.7.12

WordPress Drop Shadow Boxes Plugin < 1.7.12 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 6.5

2023-07-25< 1.7.11

CVE-2023-23833

CVE Patchstack WPScan

N/A

2023-05-15< 1.7.11

Drop Shadow Boxes <= 1.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence

N/A

2019-02-25< 1.7.2

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

Wordfence

N/A

2022-03-04< 1.7.4

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

< 1.7.2

Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update

WPScan

N/A

2022-02-28< 1.7.5

WordPress Drop Shadow Boxes plugin <= 1.7.4 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.7.5

WordPress Drop Shadow Boxes plugin <= 1.7.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack