VYPR

Gameplan

by WordPress

CVEs (2)

  • CVE-2024-52418HigNov 18, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CactusThemes Gameplan gameplan allows Reflected XSS.This issue affects Gameplan: from n/a through <= 1.5.10.

  • CVE-2018-11568MedMay 30, 2018
    risk 0.40cvss 6.1epss 0.01

    Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the '<' and '>' characters have < and > representations.