VYPR

Typebot

by WordPress

CVEs (2)

  • CVE-2024-38757MedJul 20, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Typebot allows Stored XSS.This issue affects Typebot: from n/a through 3.6.0.

  • CVE-2021-24902MedDec 27, 2021
    risk 0.31cvss 4.8epss 0.01

    The Typebot | Build beautiful conversational forms WordPress plugin before 1.4.3 does not sanitise and escape the Publish ID setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.