Medium 5.3 Unfixed
2026-04-08≤ 5.4.3
CVE-2026-39712
tagDiv Composer
Minimum safe version
5.4.3
Update to 5.4.3 or later to address 19 fixable vulnerabilities
⚠ 2 vulnerabilities have no fix
Medium 6.5 Unfixed
2026-04-08≤ 5.4.3
CVE-2026-39692
High 7.1
2026-03-19< 5.4.3
CVE-2025-50001
Medium 6.5
2026-01-22< 5.4.3
CVE-2025-50005
High 7.1
2025-11-06< 5.4.2
CVE-2025-62031
Medium 6.5
2025-11-06< 5.4.2
CVE-2025-62030
Medium 6.1
2025-05-08< 5.4
tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'data'
Medium 6.4
2025-05-02< 5.4.1
tagDiv Composer <= 5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes
Critical 9.8
2025-04-04< 5.4
CVE-2024-13645
Medium 6.1
2025-03-27< 5.4
tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'account_id' and 'account_username'
Medium 6.1
2025-03-28< 5.4
tagDiv Composer <= 5.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Medium 6.1
2024-09-02< 5.1
WordPress tagDiv Composer Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)
Medium 6.1
2024-08-31< 5.1
CVE-2024-5212
High 8.8
2024-06-15< 4.9
CVE-2024-3813
Medium 4.8
2024-06-15< 4.9
CVE-2024-3814
Medium 6.4
2024-06-04< 4.9
CVE-2024-3888
Medium 4.8
2023-09-11< 4.2
CVE-2023-3170
Medium 6.1
2023-09-11< 4.2
CVE-2023-3169
High 7.1
2023-11-13< 4.4
CVE-2023-39166
Medium 6.1
2023-05-15< 4.0
CVE-2023-1596
Critical 9.8
2023-10-24< 3.5
WordPress tagDiv Composer Plugin < 3.5 is vulnerable to Broken Authentication