VYPR

Website Llms Txt

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-27068HigMar 19, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Howard Website LLMs.txt website-llms-txt allows Reflected XSS.This issue affects Website LLMs.txt: from n/a through <= 8.2.6.

  • CVE-2026-6711MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    The Website LLMs.txt plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 8.2.6. This is due to the use of filter_input() without a sanitization filter and insufficient output escaping. This makes it…

  • CVE-2026-6712MedApr 21, 2026
    risk 0.29cvss 4.4epss 0.00

    The Website LLMs.txt plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…