avirtum CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

avirtum vulnerability overview

Aggregates CVE and security vulnerability intelligence across all avirtum-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2023-46823	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.	[email protected]	7.6	0.80%	2023-11-06	2026-06-17
CVE-2023-41949	Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Avirtum iFolders plugin <= 1.5.0 versions.	[email protected]	5.9	0.31%	2023-09-25	2026-06-17
CVE-2022-4393	The ImageLinks Interactive Image Builder for WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.	[email protected]	5.4	0.47%	2023-01-09	2026-06-17

cvelogic Threat Intelligence