VYPR

Spectra Pro

by WordPress

CVEs (2)

  • CVE-2024-3828HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for…

  • CVE-2020-36656Feb 21, 2023
    risk 0.00cvss epss 0.01

    The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.