JS Archive List

Vulnerabilities 4Slug jquery-archive-list-widgetLatest version 6.3.1WordPress.org →

Minimum safe version

6.2.0

Update to 6.2.0 or later to address 4 fixable vulnerabilities

Latest available6.3.1
N/A
2026-03-06< 6.2.0

JS Archive List <= 6.1.7 - Authenticated (Contributor+) PHP Object Injection via 'included' Shortcode Attribute

WordfenceCVE
Critical 9.3
2025-08-27< 6.1.6

WordPress JS Archive List Plugin < 6.1.6 is vulnerable to SQL Injection

PatchstackWordfenceCVEEUVD
High 7.5
2025-08-19< 6.1.6

JS Archive List <= 6.1.5 - Unauthenticated SQL Injection via build_sql_where Function

EUVDWordfenceCVE