Every CVE whose affected-product data names Vruiz Vr-frases, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-13626 — CVSS 7.1 (high): The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 does not sanitise and escape a parameter before outputting it back in…
CVE-2025-0860 — CVSS 6.1 (medium): The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in all…
CVE-2025-0861 — CVSS 4.9 (medium): The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to SQL Injection via several parameters in all versions up to…