VYPR

Packagist (Composer) package

johnbillion/wp-crontrol

pkg:composer/johnbillion/wp-crontrol

Vulnerabilities (2)

  • CVE-2025-8678MedAug 22, 2025
    affected >= 1.17.0, < 1.19.2fixed 1.19.2

    The WP Crontrol plugin for WordPress is vulnerable to blind Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the 'wp_remote_request' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitr

  • CVE-2024-28850Mar 25, 2024
    affected < 1.16.2fixed 1.16.2

    WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no k