VYPR

Eid Easy

by Easy CMS

CVEs (2)

  • CVE-2025-9128MedSep 11, 2025
    risk 0.35cvss 6.4epss 0.00

    The eID Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 4.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…

  • CVE-2021-34650MedSep 20, 2021
    risk 0.35cvss 5.4epss 0.01

    The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the ~/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6.