VYPR

Visual CSS Style Editor

by WordPress

CVEs (2)

  • CVE-2021-24934MedFeb 1, 2022
    risk 0.40cvss 6.1epss 0.01

    The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue

  • CVE-2022-33961MedMay 10, 2023
    risk 0.26cvss 4.0epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <= 7.5.8 versions.