VYPR

Game Catalog

by WordPress

CVEs (1)

  • CVE-2026-8418MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    The Games Catalog plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the gc_crud() function which handles the delete action (action=delete) via a GET request without…