VYPR

Checklist

by WordPress

Source repositories

CVEs (3)

  • CVE-2018-7318CriFeb 22, 2018
    risk 0.67cvss 9.8epss 0.09

    SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.

  • CVE-2025-31538MedMar 31, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in checklistcom Checklist checklist allows Stored XSS.This issue affects Checklist: from n/a through <= 1.1.9.

  • CVE-2019-16525Sep 19, 2019
    risk 0.01cvss epss 0.06

    An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript code.