VYPR

Wechat Reward

by WordPress

CVEs (1)

  • CVE-2021-24615MedOct 18, 2021
    risk 0.35cvss 5.4epss 0.00

    The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks.