VYPR
Vendor

Wpzita

Products
2
CVEs
6
Across products
6
Status
Private

Products

2

Recent CVEs

6
  • CVE-2024-37420CriJul 9, 2024
    risk 0.64cvss 9.9epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1.

  • CVE-2025-30817MedMar 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in wpzita Z Companion z-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Z Companion: from n/a through <= 1.0.13.

  • CVE-2024-8921MedOct 16, 2024
    risk 0.35cvss 6.4epss 0.00

    The Zita Elementor Site Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…

  • CVE-2026-25319MedFeb 19, 2026
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Elementor Site Library zita-site-library allows Cross Site Request Forgery.This issue affects Zita Elementor Site Library: from n/a through <= 1.6.6.

  • CVE-2024-3249MedJun 25, 2024
    risk 0.21cvss 4.3epss 0.00

    The Zita Elementor Site Library plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_xml_data, xml_data_import, import_option_data, import_widgets, and import_customizer_settings functions in all versions up to,…

  • CVE-2025-2575Apr 11, 2025
    risk 0.00cvss epss 0.00

    The Z Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level…