VYPR

Official Integration for Billingo

by WordPress

CVEs (2)

  • CVE-2025-49950HigOct 22, 2025
    risk 0.47cvss 7.2epss 0.00

    Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through <= 4.3.0.

  • CVE-2022-3420MedOct 31, 2022
    risk 0.31cvss 4.8epss 0.00

    The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks.