VYPR

Easy PHP Settings

by WordPress

CVEs (1)

  • CVE-2026-3352HigMar 7, 2026
    risk 0.47cvss 7.2epss 0.00

    The Easy PHP Settings plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0.4 via the `update_wp_memory_constants()` method. This is due to insufficient input validation on the `wp_memory_limit` and `wp_max_memory_limit` settings…