VYPR

Appmax

by WordPress

CVEs (1)

  • CVE-2026-3641MedMar 21, 2026
    risk 0.34cvss 5.3epss 0.00

    The Appmax plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 1.0.3. This is due to the plugin registering a public REST API webhook endpoint at /webhook-system without implementing webhook signature validation, secret…