CVE Tools

oxilab

Web & CMS Pluginscommercial

12

Cumulative CVEs

3

Monthly snapshots

#122

Peak rank

Top products

accordions1 image hover effects for elementor with lightbox and flipbox1 responsive tabs1

Latest CVEs

The 15 most recently published vulnerabilities affecting oxilab.

CVE-2024-13362Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter6.1May 1, 2026
CVE-2025-5092Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library6.4Nov 20, 2025
CVE-2024-37120WordPress Tabs plugin <= 4.0.6 - Cross Site Scripting (XSS) vulnerability5.9Jul 22, 2024
CVE-2024-37121WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability5.9Jul 22, 2024
CVE-2024-37122WordPress Accordions plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability5.9Jul 22, 2024
CVE-2024-37546WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability6.5Jul 6, 2024
CVE-2024-5001Image Hover Effects for Elementor with Lightbox and Flipbox <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id, oxi_addons_f_title_tag, and content_description_tag Parameters6.4Jun 6, 2024
CVE-2023-25962WordPress Accordions Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)5.9May 4, 2023
CVE-2022-45831WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)7.1Mar 28, 2023
CVE-2022-4207The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insuffici...5.5Dec 13, 2022
CVE-2022-42459WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability7.2Nov 18, 2022
CVE-2022-45082WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities3.4Nov 18, 2022
CVE-2022-38104WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability7.2Oct 21, 2022
CVE-2022-2937Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Title & Description6.4Sep 23, 2022
CVE-2022-2935Image Hover Effects Ultimate <= 9.7.3 - Authenticated Stored Cross-Site Scripting via Media URL6.4Sep 6, 2022