N/A Unfixed
2023-07-18≤ 1.4.8
WordPress Widgets for SiteOrigin Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Widgets for SiteOrigin
Minimum safe version
1.4.3
Update to 1.4.3 or later to address 2 fixable vulnerabilities
Latest available1.4.8 ✓⚠ 3 vulnerabilities have no fix
N/A
2019-02-25< 1.4.3
Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update
N/A Closed
< 1.4.3
Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update
N/A Unfixed Closed
2022-02-28≤ 1.4.8
WordPress Widgets for SiteOrigin plugin <= 1.4.8 - Sensitive Information Disclosure vulnerability
N/A Unfixed Closed
2022-02-28≤ 1.4.8
WordPress Widgets for SiteOrigin plugin <= 1.4.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability