VYPR

Joy Of Text Lite

by WordPress

CVEs (3)

  • CVE-2022-4099CriJan 2, 2023
    risk 0.64cvss 9.8epss 0.01

    The Joy Of Text Lite WordPress plugin before 2.3.1 does not properly sanitise and escape some parameters before using them in SQL statements accessible to unauthenticated users, leading to unauthenticated SQL injection

  • CVE-2024-7984MedMay 15, 2025
    risk 0.28cvss 4.3epss 0.00

    The Joy Of Text Lite WordPress plugin through 2.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

  • CVE-2024-47337MedSep 26, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Phillip Dane Joy Of Text Lite joy-of-text.This issue affects Joy Of Text Lite: from n/a through <= 2.3.1.