VYPR

GigToDo Freelance Marketplace Script

by Codecanyon

CVEs (1)

  • CVE-2019-25739MedJun 4, 2026
    risk 0.35cvss 5.4epss 0.00

    GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the create_proposal endpoint that execute when…