VYPR

Wp Editormd

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-3772HigMay 1, 2026
    risk 0.50cvss 8.8epss 0.00

    The WP Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.9.2. This is due to missing nonce verification in the 'add_plugins_page' and 'add_themes_page' functions. This makes it possible for unauthenticated attackers…

  • CVE-2025-31035MedApr 9, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Chris WP Editor.md – The Perfect WordPress Markdown Editor wp-editormd allows Stored XSS.This issue affects WP Editor.md – The Perfect WordPress Markdown Editor:…

  • CVE-2018-18919MedNov 4, 2018
    risk 0.31cvss 4.8epss 0.01

    The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment area.