VYPR

User Feedback

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-5902HigJul 12, 2024
    risk 0.47cvss 7.2epss 0.00

    The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name parameter in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output…

  • CVE-2023-39308HigSep 29, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions.

  • CVE-2024-0903MedFeb 22, 2024
    risk 0.35cvss 5.4epss 0.00

    The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page_submitted' 'link' value in all versions up to, and including, 1.0.13 due to insufficient input sanitization…

  • CVE-2023-50887MedDec 9, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.0.10.

  • CVE-2025-10694MedOct 25, 2025
    risk 0.27cvss 5.3epss 0.00

    The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `maybe_load_onboarding_wizard` function in all versions up to, and including,…