VYPR

Lifepress

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-6690HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lp_update_mds AJAX action in all versions up to, and including, 2.2.2. This is due to the `wp_ajax_nopriv_lp_update_mds` action being registered without nonce…

  • CVE-2026-24563MedJan 23, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through <= 2.2.1.

VYPR — Vulnerability Intelligence