bunny.net

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-68049	WordPress bunny.net	Med	0.41	6.3	—		Jun 15, 2026	Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.
CVE-2024-31361	WordPress bunny.net	Med	0.38	5.9	0.00		Apr 11, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.Net allows Stored XSS.This issue affects bunny.Net: from n/a through 2.0.1.

CVE-2025-68049MedJun 15, 2026
WordPress
bunny.net
risk 0.41cvss 6.3epss —
Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.
CVE-2024-31361MedApr 11, 2024
WordPress
bunny.net
risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.Net allows Stored XSS.This issue affects bunny.Net: from n/a through 2.0.1.