VYPR

Tips Shortcode

by WordPress

CVEs (1)

  • CVE-2025-11767MedNov 21, 2025
    risk 0.42cvss 6.4epss 0.00

    The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip' shortcode in all versions up to, and including, 0.2.1. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…