VYPR

Insight Core

by WordPress

CVEs (1)

  • CVE-2021-24950MedMar 14, 2022
    risk 0.35cvss 5.4epss 0.01

    The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not validate user input before passing it to unserialize(), nor sanitise and escape it before…