VYPR

User Importer And Generator

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-12879HigDec 5, 2025
    risk 0.57cvss 8.8epss 0.00

    The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.2.2. This is due to missing nonce validation in the "Import Using CSV File" function. This makes it possible for unauthenticated attackers to…