← Back

Wpreactions

wpreactions

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Wpreactions
1Wp Reactions Lite
Jun 17, 2026
Nov 9, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in WP Reactions, LLC WP Reactions Lite plugin <= 1.3.8 versions.
1Wpreactions
1Wp Reactions Lite
Jun 17, 2026
Nov 1, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The WP Reactions Lite WordPress plugin before 1.3.6 does not properly sanitize inputs within wp-admin pages, allowing users with sufficient access to inject XSS payloads within /wp-admin/ pages.