← Back

Team Wordpress Team Members Showcase

team_-_wordpress_team_members_showcase

Vendor: Radiustheme • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-9236
1Radiustheme
1Team Wordpress Team Members Showcase
Jun 12, 2025
May 15, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html...Show more
The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less
CVE-2022-2557
1Radiustheme
1Team Wordpress Team Members Showcase
Nov 21, 2024
Aug 22, 2022
N/A· v4
8.8 HIGH· v3
N/A· v2
The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after i...Show more
The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is returned to the userShow less