VYPR

Fpw Category Thumbnails

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-2382MedJun 2, 2026
    risk 0.42cvss 6.4epss 0.00

    The FPW Category Thumbnails plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the 'fpw_fs_get_file' AJAX action in all versions up to, and including, 1.9.5. This is due to insufficient input sanitization and output escaping. This makes…

  • CVE-2025-31841MedApr 3, 2025
    risk 0.41cvss 6.3epss 0.00

    Missing Authorization vulnerability in Frank P. Walentynowicz FPW Category Thumbnails fpw-category-thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FPW Category Thumbnails: from n/a through <= 1.9.5.