VYPR

ShopWP

by WordPress

CVEs (1)

  • CVE-2019-25214HigOct 16, 2024
    risk 0.47cvss 7.2epss 0.00

    The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST API routes in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to call the endpoints and perform unauthorized actions…