Skip to main content

Filter Grids

2 CVEs product

Monthly

CVE-2026-32397 MEDIUM This Month

YMC Filter & Grids through version 3.5.1 contains an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the smart-filter component and could enable unauthorized alterations to filtered content or grid configurations without requiring user interaction or privileges.

Authentication Bypass Filter Grids
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2024-6164 CRITICAL POC Act Now

The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP WordPress Filter Grids
NVD WPScan
CVSS 3.1
9.8
EPSS
1.1%
EPSS 0% CVSS 5.3
MEDIUM This Month

YMC Filter & Grids through version 3.5.1 contains an authorization bypass that allows unauthenticated remote attackers to modify data due to improperly configured access controls. The vulnerability affects the smart-filter component and could enable unauthorized alterations to filtered content or grid configurations without requiring user interaction or privileges.

Authentication Bypass Filter Grids
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP WordPress +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy