VYPR

Gpx Viewer

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-10629HigNov 13, 2024
    risk 0.57cvss 8.8epss 0.02

    The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with…

  • CVE-2025-27274MedMar 3, 2025
    risk 0.32cvss 4.9epss 0.00

    Path Traversal: '.../...//' vulnerability in axelkeller GPX Viewer gpx-viewer allows Path Traversal.This issue affects GPX Viewer: from n/a through <= 2.2.11.