VYPR

Unify

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-36072CriJun 27, 2024
    risk 0.64cvss 9.8epss 0.01

    Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious…

  • CVE-2025-9130MedOct 3, 2025
    risk 0.42cvss 6.4epss 0.00

    The Unify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin for WordPress's unify_checkout shortcode in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2025-13529MedJan 7, 2026
    risk 0.27cvss 5.3epss 0.00

    The Unify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'init' action in all versions up to, and including, 3.4.9. This makes it possible for unauthenticated attackers to delete specific plugin options via the…