VYPR

Inquiry Form To Posts Or Pages

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-5169MedApr 8, 2026
    risk 0.29cvss 4.4epss 0.00

    The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Form Header' field in versions up to and including 1.0. This is due to insufficient input sanitization when saving via update_option() and lack of output escaping when…

  • CVE-2026-6293MedApr 15, 2026
    risk 0.28cvss 4.3epss 0.00

    The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in version 1.0. This is due to missing nonce validation on the plugin settings update handler, combined with insufficient input sanitization…

VYPR — Vulnerability Intelligence