VYPR

Spin Wheel

by WordPress

Source repositories

CVEs (1)

  • CVE-2026-0808MedJan 17, 2026
    risk 0.34cvss 5.3epss 0.00

    The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions up to, and including, 2.1.0. This is due to the plugin trusting client-supplied prize selection data without server-side validation or randomization. This makes it possible for…