ByteOS Network

WPSight

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2025-62043

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.02% / 4.65%

7 Day CHG~0.00%

Published-19 Mar, 2026 | 08:25

Updated-28 Apr, 2026 | 16:13

WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPSight WPCasa allows DOM-Based XSS.This issue affects WPCasa: from n/a through 1.4.1.

Vendor-WPSight

Product-WPCasa

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-39575

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.14% / 34.10%

7 Day CHG~0.00%

Published-16 Apr, 2025 | 12:44

Updated-28 Apr, 2026 | 16:12

WordPress WPCasa plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPSight WPCasa wpcasa allows Stored XSS.This issue affects WPCasa: from n/a through <= 1.3.2.

Vendor-WPSight

Product-WPCasa

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-53826

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.3||MEDIUM

EPSS-0.39% / 60.20%

7 Day CHG~0.00%

Published-06 Dec, 2024 | 13:18

Updated-28 Apr, 2026 | 16:10

WordPress WPCasa plugin <= 1.2.13 - Insecure Direct Object References (IDOR) vulnerability

Missing Authorization vulnerability in WPSight WPCasa wpcasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through <= 1.2.13.

Vendor-WPSight wpcasa_project

Product-WPCasa wpcasa

CWE ID-CWE-862

Missing Authorization