VYPR

Appsero Helper

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-39377HigApr 24, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through <= 1.3.4.

  • CVE-2024-13436MedMar 11, 2025
    risk 0.40cvss 6.1epss 0.00

    The Appsero Helper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation on the 'appsero_helper' page. This makes it possible for unauthenticated attackers to update…