VYPR

Wooexim

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-23944HigJan 22, 2025
    risk 0.57cvss 8.8epss 0.01

    Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0.

  • CVE-2025-22533HigJan 7, 2025
    risk 0.49cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0.

  • CVE-2025-1288May 15, 2025
    risk 0.00cvss epss 0.00

    The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack.