CVE-2025-54414

Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...

CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons

Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...

CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons

Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...

CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons

Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...

CVE-2025-54414

CVE-2025-54414 affects TecharoHQ Anubis Web AI Firewall Utility (versions 1.21.2 and earlier). The vulnerability arises from malicious pass-challenge pages that can cause a user to execute arbitrary JavaScript or trigger nonstandard URL schemes via the PassChallenge flow, specifically the route /...

CVE-2024-54414

creationtimestamp| type| source ---|---|--- 2024-12-16 16:21:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113663414929966698...

CVE-2024-54414

Cross-Site Request Forgery CSRF vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through = 2.4.4...

CVE-2024-54414 WordPress Geoportail Shortcode plugin <= 2.4.4 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through = 2.4.4...

CVE-2024-54414

CVE-2024-54414 refers to a Cross-Site Forgery to Stored Cross-Site Scripting issue in the WordPress plugin Geoportail Shortcode . Connected records indicate affected versions are up to 2.4.4, with the root cause described as CSRF enabling stored XSS. The Red Hat entry and ENISA/Wordfence aggregat...

CVE-2024-54414 WordPress Geoportail Shortcode plugin <= 2.4.4 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail Shortcode: from n/a through = 2.4.4...