VYPR

WOOF WordPress plugin

by WordPress

CVEs (2)

  • CVE-2021-25071MedMar 28, 2022
    risk 0.40cvss 6.1epss 0.01

    The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting

  • CVE-2021-25085MedFeb 1, 2022
    risk 0.40cvss 6.1epss 0.02

    The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting