VYPR

WHOIS Domain Check

by Powie

CVEs (1)

  • CVE-2020-37225MedMay 13, 2026
    WordPress
    Powies Whois
    risk 0.42cvss 6.4epss 0.00

    Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in the pwhois_settings.php configuration page to execute JavaScript in the admin context and escalate privileges.