VYPR

MOLIE

by WordPress

CVEs (2)

  • CVE-2021-25007CriMar 14, 2022
    risk 0.64cvss 9.8epss 0.02

    The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using in a SQL statement, leading to an SQL Injection

  • CVE-2021-25006MedMar 14, 2022
    risk 0.40cvss 6.1epss 0.01

    The MOLIE WordPress plugin through 0.5 does not escape the course_id parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue