VYPR

Shiny Buttons

by WordPress

CVEs (1)

  • CVE-2021-24792MedDec 13, 2021
    risk 0.40cvss 6.1epss 0.01

    The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in place when saving a template (wpbtn_save_template function hooked to the init action), nor sanitise and escape them before outputting them in the admin dashboard, which allow…