VYPR

General Options

by WordPress

CVEs (1)

  • CVE-2026-6399MedMay 20, 2026
    risk 0.29cvss 4.4epss 0.00

    The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitize_text_field() for output escaping in the Contact Number (ad_contact_number) field — a function that strips HTML tags…