VYPR

Custom API For Wp

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-54049CriAug 20, 2025
    risk 0.64cvss 9.9epss 0.00

    Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through <= 4.2.2.

  • CVE-2025-54048CriAug 20, 2025
    risk 0.60cvss 9.3epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through <= 4.2.2.