VYPR

Leyka

by Te St

Source repositories

CVEs (2)

  • CVE-2025-53275MedJun 27, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VaultDweller Leyka leyka allows DOM-Based XSS.This issue affects Leyka: from n/a through <= 3.32.1.

  • CVE-2023-4917MedSep 13, 2023
    risk 0.27cvss 5.3epss 0.01

    The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.7 via the 'leyka_ajax_get_env_and_options' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data…