VYPR

Wp Bannerize Pro

by WordPress

Source repositories

CVEs (4)

  • CVE-2023-41663HigSep 29, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions.

  • CVE-2021-39351MedOct 6, 2021
    risk 0.42cvss 6.5epss 0.01

    The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the ~/Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2.

  • CVE-2026-25012MedFeb 3, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bannerize Pro: from n/a through <= 1.11.0.

  • CVE-2024-7388MedAug 13, 2024
    risk 0.19cvss 4.0epss 0.00

    The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…