VYPR

H5pxapikatchu

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-12904HigNov 14, 2025
    risk 0.40cvss 7.2epss 0.00

    The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insert_data' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated…

  • CVE-2025-30821MedMar 27, 2025
    risk 0.34cvss 5.3epss 0.01

    Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu h5pxapikatchu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SNORDIAN's H5PxAPIkatchu: from n/a through <= 0.4.14.