VYPR

Marmoset Viewer

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-23767MedJan 16, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in revoxis Marmoset Viewer marmoset-viewer allows Stored XSS.This issue affects Marmoset Viewer: from n/a through <= 1.9.3.

  • CVE-2021-24495MedAug 9, 2021
    risk 0.40cvss 6.1epss 0.03

    The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue.