Coffee-code Plugin_oficial

2 CVEs affecting Coffee-code Plugin_oficial. Latest disclosed: 2025-05-15. Critical: 0, High: 0.

Top CVEs affecting Coffee-code Plugin_oficial
CVESeverityScorePublishedSummary
CVE-2025-1303Medium6.12025-05-15The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross…
CVE-2025-1289Medium4.82025-05-15The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p…