Skip to main content
Affected Products
Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Vendor
Product
in grandplugins
Min CVSS
Any
Low (0.1+)
Medium (4.0+)
High (7.0+)
Critical (9.0+)
Sort By
Vendor (A–Z)
Most CVEs
Worst Severity
Most KEV
Apply
Clear
Export CSV
Products
1 vendor
Vendor
Products
CVEs
KEV
Avg EPSS
Worst Severity
grandplugins
2
2
0
24.0%
MEDIUM
← First page
Next page →
Related CVEs
2
Sort
Newest first
Highest EPSS
Highest CVSS
Severity
CVE ID
Description
Severity
CVSS
KEV
EPSS
Published
CVE-2024-9238
The AVIF Uploader WordPress plugin before 1.1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.
MEDIUM
5.4
—
16.6%
May 15, 2025
CVE-2023-47657
Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 versions.
MEDIUM
4.8
—
31.3%
Nov 14, 2023