Coffee-code Plugin_oficial
2 CVEs affecting Coffee-code Plugin_oficial. Latest disclosed: 2025-05-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-1303 | Medium | 6.1 | 2025-05-15 | The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross… |
CVE-2025-1289 | Medium | 4.8 | 2025-05-15 | The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p… |