VYPR

Anomify

by WordPress

CVEs (2)

  • CVE-2026-6404MedMay 20, 2026
    risk 0.29cvss 4.4epss 0.00

    The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'anomify_api_key' parameter in versions up to and including 0.3.6. This is due to insufficient input sanitization and missing output escaping: the plugin…

  • CVE-2026-6405MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in versions up to and including 0.3.6. This is due to missing nonce verification on the settings page handler…