4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in TagDiv\",\"url\":\"https://vexday.io/en/vendor/TagDiv\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":23},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"TagDiv\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"TagDiv"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"TagDiv"}]]}],["$","span",null,{"className":"t","children":["23"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2022-3477",{"className":"item","href":"/en/cve/CVE-2022-3477","children":[["$","span",null,{"className":"cid","children":"CVE-2022-3477"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer < 3.5 - Unauthenticated Account Takeover"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"3.5%"}]]}],false]}]]}],["$","$La","CVE-2024-3813",{"className":"item","href":"/en/cve/CVE-2024-3813","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3813"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 4.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2024-13645",{"className":"item","href":"/en/cve/CVE-2024-13645","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13645"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"TagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object Instantiation"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-3416",{"className":"item","href":"/en/cve/CVE-2023-3416","children":[["$","span",null,{"className":"cid","children":"CVE-2023-3416"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-3419",{"className":"item","href":"/en/cve/CVE-2023-3419","children":[["$","span",null,{"className":"cid","children":"CVE-2023-3419"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-3886",{"className":"item","href":"/en/cve/CVE-2024-3886","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3886"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-5212",{"className":"item","href":"/en/cve/CVE-2024-5212","children":[["$","span",null,{"className":"cid","children":"CVE-2024-5212"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-1705",{"className":"item","href":"/en/cve/CVE-2025-1705","children":[["$","span",null,{"className":"cid","children":"CVE-2025-1705"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-2890",{"className":"item","href":"/en/cve/CVE-2025-2890","children":[["$","span",null,{"className":"cid","children":"CVE-2025-2890"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Opt-In Builder <= 1.7 - Authenticated (Subscriber+) SQL Injection via subscriptionCouponId Parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-3888",{"className":"item","href":"/en/cve/CVE-2024-3888","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3888"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via button Shortcode"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-3814",{"className":"item","href":"/en/cve/CVE-2024-3814","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3814"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 4.8 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-2806",{"className":"item","href":"/en/cve/CVE-2025-2806","children":[["$","span",null,{"className":"cid","children":"CVE-2025-2806"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'data'"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-3510",{"className":"item","href":"/en/cve/CVE-2025-3510","children":[["$","span",null,{"className":"cid","children":"CVE-2025-3510"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-2804",{"className":"item","href":"/en/cve/CVE-2025-2804","children":[["$","span",null,{"className":"cid","children":"CVE-2025-2804"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"tagDiv Composer <= 5.3 - Reflected Cross-Site Scripting via 'account_id' and 'account_username'"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-50005",{"className":"item","href":"/en/cve/CVE-2025-50005","children":[["$","span",null,{"className":"cid","children":"CVE-2025-50005"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Composer plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2023-39166",{"className":"item","href":"/en/cve/CVE-2023-39166","children":[["$","span",null,{"className":"cid","children":"CVE-2023-39166"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Composer Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-53222",{"className":"item","href":"/en/cve/CVE-2025-53222","children":[["$","span",null,{"className":"cid","children":"CVE-2025-53222"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Opt-In Builder plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-62031",{"className":"item","href":"/en/cve/CVE-2025-62031","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62031"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-39712",{"className":"item","href":"/en/cve/CVE-2026-39712","children":[["$","span",null,{"className":"cid","children":"CVE-2026-39712"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-62030",{"className":"item","href":"/en/cve/CVE-2025-62030","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62030"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress tagDiv Composer plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","2"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]