VYPR

Etsy Shop WordPress plugin

by Etsy

CVEs (1)

  • CVE-2025-9115MedSep 22, 2025
    Etsy
    Etsy Shop WordPress plugin
    risk 0.36cvss 5.6epss 0.00

    The Etsy Shop WordPress plugin before 3.0.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.