VYPR
Vendor

Syed Balkhi

Products
6
CVEs
9
Across products
9
Status
Private

Products

6

Recent CVEs

9
  • CVE-2026-39475HigApr 8, 2026
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.

  • CVE-2025-68496HigDec 24, 2025
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.0.

  • CVE-2025-24637HigApr 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Reflected XSS.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through <= 1.5.7.

  • CVE-2025-58001MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through <= 4.1.0.

  • CVE-2025-24750MedJan 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through <= 8.1.0.

  • CVE-2023-50887MedDec 9, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.0.10.

  • CVE-2026-39476MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through <= 1.10.1.

  • CVE-2025-49937MedOct 22, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2.

  • CVE-2024-56276MedJan 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through <= 1.9.2.2.