VYPR

Wp Announcements

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-23489HigJan 21, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Messenlehner WP-Announcements wp-announcements allows Reflected XSS.This issue affects WP-Announcements: from n/a through <= 1.8.

  • CVE-2024-38685MedJul 20, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SubscriptionPro WP Announcement allows Stored XSS.This issue affects WP Announcement: from n/a through 2.0.8.