VYPR

Infinite Scroll

by WordPress

CVEs (2)

  • CVE-2022-4466MedMar 13, 2023
    risk 0.35cvss 5.4epss 0.00

    The WordPress Infinite Scroll WordPress plugin before 5.6.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored…

  • CVE-2024-10040MedOct 18, 2024
    risk 0.34cvss 5.3epss 0.00

    The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the process_ajax_edit and process_ajax_delete function. This makes it possible for…