VYPR

Easy Image Collage

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-9019MedJun 10, 2026
    risk 0.42cvss 6.4epss 0.00

    The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping.…

  • CVE-2024-5863MedJun 28, 2024
    risk 0.28cvss 5.4epss 0.00

    The Easy Image Collage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajax_image_collage() function in all versions up to, and including, 1.13.5. This makes it possible for authenticated attackers, with Contributor-level…