VYPR

Custom Sidebars

by WordPress

CVEs (3)

  • CVE-2017-18511HigAug 14, 2019
    risk 0.57cvss 8.8epss 0.01

    The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.

  • CVE-2017-18510HigAug 14, 2019
    risk 0.57cvss 8.8epss 0.01

    The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.

  • CVE-2025-23912HigJan 16, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Philipp Speck WordPress Custom Sidebar wordpress-custom-sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through <= 2.3.