VYPR

Wp Ban User

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-54440HigDec 16, 2024
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User wp-ban-user allows Stored XSS.This issue affects WP-Ban-User: from n/a through <= 1.0.

  • CVE-2021-25034MedFeb 28, 2022
    risk 0.40cvss 6.1epss 0.01

    The WP User WordPress plugin before 7.0 does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues

  • CVE-2022-4260MedJan 2, 2023
    risk 0.31cvss 4.8epss 0.01

    The WP-Ban WordPress plugin before 1.69.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite…