VYPR

Flex Qr Code Generator

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-10041CriOct 15, 2025
    risk 0.64cvss 9.8epss 0.01

    The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesave_qr_code_to_db() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary…

  • CVE-2025-12673CriDec 6, 2025
    risk 0.57cvss 9.8epss 0.01

    The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_qr_code() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to upload arbitrary…

  • CVE-2026-24614MedJan 23, 2026
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devsbrain Flex QR Code Generator flex-qr-code-generator allows DOM-Based XSS.This issue affects Flex QR Code Generator: from n/a through <= 1.2.10.