VYPR

Simple Banner

by Simple Banner Project

CVEs (2)

  • CVE-2022-2515MedSep 6, 2022
    risk 0.42cvss 6.4epss 0.01

    The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `pro_version_activation_code` parameter in versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…

  • CVE-2025-12033MedOct 22, 2025
    risk 0.29cvss 4.4epss 0.00

    The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pro_version_activation_code' parameter in all versions up to, and including, 3.0.10…