VYPR
Vendor

VK

Products
3
CVEs
4
Across products
4
Status
Private

Products

3

Recent CVEs

4
  • CVE-2025-68070MedDec 16, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vektor,Inc. VK Google Job Posting Manager vk-google-job-posting-manager allows Stored XSS.This issue affects VK Google Job Posting Manager: from n/a through <= 1.2.22.

  • CVE-2025-12836MedJan 24, 2026
    risk 0.35cvss 6.4epss 0.00

    The VK Google Job Posting Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Description field in versions up to, and including, 1.2.23 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it…

  • CVE-2023-28367MedMay 23, 2023
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script.

  • CVE-2014-5822Sep 9, 2014
    risk 0.00cvss epss 0.00

    The VK Kate Mobile (aka com.perm.kate) application 9.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.