VYPR

Bottom Bar

by WordPress

CVEs (1)

  • CVE-2026-6401MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms (main…