WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress
by WP VR
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12005 | Med | 0.28 | 4.3 | 0.00 | Oct 25, 2025 | The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action.… | ||
| CVE-2025-6350 | 0.00 | — | 0.00 | Jun 28, 2025 | The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hotspot-hover’ parameter in all versions up to, and including, 8.5.32 due to insufficient input sanitization and output escaping.… |
- risk 0.28cvss 4.3epss 0.00
The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action.…
- CVE-2025-6350Jun 28, 2025risk 0.00cvss —epss 0.00
The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hotspot-hover’ parameter in all versions up to, and including, 8.5.32 due to insufficient input sanitization and output escaping.…