Wp Pipes
Sign in to watchby Thimpress
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-28982 | Cri | 0.60 | 9.3 | 0.00 | Jul 16, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3. | |
| CVE-2025-60227 | Hig | 0.56 | 8.6 | 0.00 | Oct 22, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through <= 1.4.3. | |
| CVE-2025-48267 | Hig | 0.56 | 8.6 | 0.00 | Jun 9, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes allows Path Traversal. This issue affects WP Pipes: from n/a through 1.4.2. | |
| CVE-2025-28979 | Hig | 0.53 | 8.1 | 0.00 | Aug 14, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3. | |
| CVE-2025-28977 | Hig | 0.46 | 7.1 | 0.00 | Aug 20, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3. | |
| CVE-2025-47664 | Med | 0.29 | 4.4 | 0.00 | May 7, 2025 | Server-Side Request Forgery (SSRF) vulnerability in ThimPress WP Pipes allows Server Side Request Forgery. This issue affects WP Pipes: from n/a through 1.4.2. |