Atomic Edge Product

AI-Powered CVE Analysis for WordPress Plugins

We use AI to automate the differential analysis between vulnerable and patched plugin versions to understand and interpret the security issues. What we share here is research-grade proof of concept demonstrations that are then fed back into our endpoint firewall service.

WordPress Proof of Concepts

AI-assisted vulnerability analysis with PoC demonstration

medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (spice-post-slider)

CVE-2024-13362 affects Spice Post Slider (v2.1) with a CVSS score of 6.1. This medium severity XSS vulnerability allows unauthenticated attackers to inject scripts. Update to v2.2 to mitigate risks.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (independent-analytics)

CVE-2024-13362 affects the Independent Analytics plugin (v2.9.7) with a medium severity (CVSS 6.1) cross-site scripting vulnerability. Upgrade to v2.10.0 to mitigate the risk of unauthorized script injection.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wpide)

CVE-2024-13362 affects the Wpide plugin (v3.5.1) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Users should update to version 3.5.2 to mitigate potential attacks through unsanitized URL parameters.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (goal-tracker-ga)

CVE-2024-13362 affects the Goal Tracker Ga plugin (v1.1.5) with a medium severity CVSS score of 6.1. Patch to v1.1.6 to mitigate reflected cross-site scripting risks from unauthenticated attackers.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (elespare)

CVE-2024-13362 affects the Elespare plugin (v3.3.2) with a CVSS score of 6.1. This medium severity XSS vulnerability allows unauthenticated attackers to inject scripts via the URL parameter. Patching is essential for security.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (role-and-customer-based-pricing-for-woocommerce)

CVE-2024-13362 affects the Role And Customer Based Pricing For Woocommerce plugin (v1.6.0) with a CVSS score of 6.1. Users should upgrade to v1.6.1 to mitigate the reflected XSS vulnerability.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (html5-audio-player)

CVE-2024-13362 affects Html5 Audio Player (v2.2.27) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Update to v2.5.1 to mitigate risks from potential script injection attacks.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (aibuddy-openai-chatgpt)

CVE-2024-13362 affects Aibuddy Openai Chatgpt version 1.7.2 with a medium severity CVSS score of 6.1. Users should update to version 1.8.5 to mitigate the risk of reflected cross-site scripting attacks.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (fullscreen-background)

CVE-2024-13362 affects the Fullscreen Background plugin (v2.0.2) with a medium severity CVSS score of 6.1. Patch to v2.0.3 to mitigate reflected XSS risks from unauthenticated attackers.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (custom-php-settings)

CVE-2024-13362 affects the Custom Php Settings plugin (v2.3.1) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Users should update to v2.3.2 to mitigate risks from potential attacks.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (advanced-scrollbar)

CVE-2024-13362 affects the Advanced Scrollbar plugin (v1.1.3) with a medium severity CVSS score of 6.1. This cross-site scripting vulnerability requires user interaction to exploit. Update to the patched version to mitigate risks.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (display-a-meta-field-as-block)

CVE-2024-13362 affects the Display A Meta Field As Block plugin (v1.3.3) with a CVSS score of 6.1. This medium-severity XSS vulnerability allows unauthenticated attackers to inject scripts. Update to v1.3.4 to mitigate.
View Analysis
medium
May 10, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (bbp-core)

CVE-2024-13362 affects Bbp Core plugin version 1.2.7 with a medium severity CVSS score of 6.1. Unauthenticated attackers can exploit a cross-site scripting vulnerability; users should update to version 1.2.9 to mitigate risks.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wp-fail2ban)

CVE-2024-13362 affects Wp Fail2ban versions up to 5.3.4, allowing unauthenticated attackers to exploit a medium severity XSS vulnerability. Users should upgrade to version 5.4.0 to mitigate risks.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wp-coupons-and-deals)

CVE-2024-13362 affects the WP Coupons And Deals plugin (v3.2.2) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Users should upgrade to v3.2.3 to mitigate the risk of unauthorized script injection.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (foobox-image-lightbox)

CVE-2024-13362 affects the Foobox Image Lightbox plugin (v2.7.33) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Users should upgrade to v2.7.34 to mitigate risks from potential script injections.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wp-top-news)

CVE-2024-13362 affects Wp Top News (v2.4.1) with a medium severity (CVSS 6.1) cross-site scripting vulnerability. Upgrade to v2.4.3 to mitigate risks from potential script injection attacks.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wp-auto-republish)

CVE-2024-13362 affects the Wp Auto Republish plugin (version 1.5.8) with a medium severity CVSS score of 6.1. Unauthenticated attackers can exploit this cross-site scripting vulnerability, so ensure you update to the patched version.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (woo-conditional-payment-gateways)

CVE-2024-13362 affects Woo Conditional Payment Gateways (v1.16.3) with a medium severity CVSS score of 6.1 due to reflected XSS. Upgrade to v1.16.4 to mitigate risks from potential script injection attacks.
View Analysis
medium
May 9, 2026

CVE-2024-13362: Freemius <= 2.10.1 – Reflected DOM-Based Cross-Site Scripting via url Parameter (wp-data-access)

CVE-2024-13362 affects the Wp Data Access plugin (v5.5.31) with a medium severity (CVSS 6.1) reflected XSS vulnerability. Users should update to v5.5.32 to mitigate risks from potential script injections.
View Analysis

How Atomic Edge Works

Simple Setup. Powerful Security.

Atomic Edge acts as a security layer between your website & the internet — inspecting, filtering, and blocking malicious traffic before it ever reaches
your application.

See How It Works