VYPR

Nirweb support

by NirWp Team

CVEs (2)

  • CVE-2025-22695MedFeb 3, 2025
    risk 0.28cvss 4.3epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in NirWp Team Nirweb support nirweb-support.This issue affects Nirweb support: from n/a through <= 3.0.3.

  • CVE-2022-0781May 23, 2022
    risk 0.07cvss epss 0.12

    The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection