VYPR

Collapsing Categories

by WordPress

Source repositories

CVEs (1)

  • CVE-2024-12025HigDec 18, 2024
    risk 0.49cvss 7.5epss 0.03

    The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy' parameter of the /wp-json/collapsing-categories/v1/get REST API in all versions up to, and including, 3.0.8 due to insufficient escaping on the user supplied parameter and lack of…