VYPR

Wp Guppy

by WordPress

CVEs (2)

  • CVE-2025-31920HigJun 9, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AmentoTech WP Guppy wp-guppy allows SQL Injection.This issue affects WP Guppy: from n/a through <= 4.3.3.

  • CVE-2021-24997MedDec 27, 2021
    risk 0.42cvss 6.5epss 0.03

    The WP Guppy WordPress plugin before 1.3 does not have any authorisation in some of the REST API endpoints, allowing any user to call them and could lead to sensitive information disclosure, such as usernames and chats between users, as well as be able to send messages as an…