VYPR
Vendor

Wp Feedstats

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2013-1400CriFeb 13, 2020
    risk 0.64cvss 9.8epss 0.03

    Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.

  • CVE-2007-4104Jul 31, 2007
    risk 0.03cvss epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence…

  • CVE-2025-11154Oct 27, 2025
    risk 0.00cvss epss 0.00

    The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users.