VYPR

simple sort&search

by WordPress

CVEs (1)

  • CVE-2021-24433MedJan 16, 2024
    risk 0.35cvss 5.4epss 0.00

    The simple sort&search WordPress plugin through 0.0.3 does not make sure that the indexurl parameter of the shortcodes "category_sims", "order_sims", "orderby_sims", "period_sims", and "tag_sims" use allowed URL protocols, which can lead to stored cross-site scripting by users…