Envo Extra

Vulnerabilities 10Slug envo-extraLatest version 1.9.20WordPress.org →

Minimum safe version

1.9.14

Update to 1.9.14 or later to address 10 fixable vulnerabilities

Latest available1.9.20 ✓

Medium 4.3

2026-03-13< 1.9.14

CVE-2026-32386

Medium 6.5

2025-12-05< 1.9.12

Envo Extra <= 1.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

Medium 4.3

2025-05-07< 1.9.10

CVE-2025-47471

Medium 4.3

2024-11-09< 1.9.4

CVE-2024-10770

Medium 5.4

2024-06-07< 1.8.25

CVE-2024-5645

Medium 5.4

2024-05-16< 1.8.17

CVE-2024-4385

Medium 5.4

2024-04-17< 1.8.12

CVE-2024-32456

N/A

< 1.8.4

Envo Extra < 1.8.4 - Cross-Site Request Forgery

N/A

2023-10-18< 1.8.4

WordPress Envo Extra Plugin < 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF)

N/A

2023-10-17< 1.8.4

Envo Extra <= 1.8.3 - Cross-Site Request Forgery