VYPR

Schema App Structured Data For Schemaorg

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-11279MedDec 12, 2024
    risk 0.40cvss 6.1epss 0.01

    The Schema App Structured Data plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.2.4. This makes it possible for unauthenticated attackers to inject…

  • CVE-2024-0892MedJun 14, 2024
    risk 0.28cvss 4.3epss 0.00

    The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the MarkUpdate function. This makes it possible for unauthenticated attackers to…