VYPR

Enteraddons

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-8687MedDec 13, 2025
    risk 0.42cvss 6.4epss 0.00

    The Enter Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown and Image Comparison widgets in all versions up to, and including, 2.2.7 due to insufficient input sanitization and output escaping on user supplied attributes. This…

  • CVE-2026-25014MedFeb 3, 2026
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows Cross Site Request Forgery.This issue affects Enter Addons: from n/a through <= 2.3.2.

VYPR — Vulnerability Intelligence