designchemical CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

designchemical vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to designchemical, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-4890 The JQuery Accordion Menu Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcwp-jquery-accordion' shortcode in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. [email protected] 6.4 0.44% 2023-09-11 2026-06-17
CVE-2018-20555 The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code. This leads to Twitter account takeover. [email protected] 9.8 10.40% 2019-03-21 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence