VYPR

Bridge Core

by WordPress

CVEs (5)

  • CVE-2023-40333HigSep 27, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Qode Interactive Bridge Core plugin <= 3.0.9 versions.

  • CVE-2025-31409MedApr 1, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bridge Core allows Stored XSS. This issue affects Bridge Core: from n/a through n/a.

  • CVE-2024-9292MedOct 8, 2024
    risk 0.42cvss 6.4epss 0.00

    The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated…

  • CVE-2024-9860MedOct 12, 2024
    risk 0.35cvss 5.4epss 0.00

    The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions in versions up to, and including, 3.3. This makes it possible for…

  • CVE-2025-24744MedJan 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in NotFound Bridge Core. This issue affects Bridge Core: from n/a through 3.3.