VYPR

Iteras

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-53710HigDec 2, 2024
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in ITERAS ITERAS iteras allows Stored XSS.This issue affects ITERAS: from n/a through <= 1.8.0.

  • CVE-2026-4078MedApr 24, 2026
    risk 0.42cvss 6.4epss 0.00

    The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to and including 1.8.2. This is due to insufficient input sanitization and output…