VYPR

Twittee Text Tweet

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-4089MedApr 22, 2026
    risk 0.42cvss 6.4epss 0.00

    The Twittee Text Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode attribute in all versions up to and including 1.0.8. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The…

  • CVE-2023-0602Jul 31, 2023
    risk 0.01cvss epss 0.01

    The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.