Redux Framework

Vulnerabilities 11Slug redux-frameworkLatest version 4.5.11WordPress.org →

Minimum safe version

4.5.9

Update to 4.5.9 or later to address 10 fixable vulnerabilities

Latest available4.5.11 ✓Affected up to4.1.23 ⚠

Medium 6.4

2025-12-13< 4.5.9

Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter

EUVD Wordfence CVE

High 7.2

2024-07-23< 4.4.18

CVE-2024-6828

CVE Wordfence Patchstack

N/A

< 4.1.24

Redux Framework 4.1.22 - 4.1.23 - CSRF Nonce Validation Bypass

WPScan

N/A

< 4.1.21

Redux Framework < 4.1.21 - CSRF Nonce Validation Bypass

WPScan

N/A

2020-11-23< 4.1.21

Gutenberg Template and Pattern Library & Redux Framework <= 4.1.20 - Cross-Site Request Forgery

Wordfence

N/A

2020-12-15< 4.1.24

Gutenberg Template Library & Redux Framework <= 4.1.23 - Cross-Site Request Forgery

Wordfence

N/A

2020-12-15< 4.1.21

WordPress Redux Framework plugin <= 4.1.20 - CSRF Nonce Validation Bypass vulnerability

Patchstack

N/A

2020-12-15≥ 4.1.22 and ≤ 4.1.23

WordPress Redux Framework <= 4.1.23 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability

Patchstack

N/A

2020-12-15< 4.1.21

WordPress Redux plugin <= 4.1.20 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability

Patchstack

Medium 5.3

2021-09-02< 4.2.13

CVE-2021-38314

CVE Patchstack Patchstack Wordfence WPScan

Medium 6.5

2021-09-02< 4.2.13

CVE-2021-38312

CVE Wordfence WPScan