VYPR

Local Syndication

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-12962MedNov 18, 2025
    risk 0.42cvss 6.4epss 0.00

    The Local Syndication plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5a via the `url` parameter in the `[syndicate_local]` shortcode. This is due to the use of `wp_remote_get()` instead of `wp_safe_remote_get()` which…