VYPR

Five Star Business Profile and Schema

by WordPress

CVEs (1)

  • CVE-2021-25060MedFeb 21, 2022
    risk 0.35cvss 5.4epss 0.01

    The Five Star Business Profile and Schema WordPress plugin before 2.1.7 does not have any authorisation and CSRF in its bpfwp_welcome_add_contact_page and bpfwp_welcome_set_contact_information AJAX action, allowing any authenticated users, such as subscribers, to call them.…