2 matches found
CVE-2025-0629
creationtimestamp| type| source ---|---|--- 2025-03-11 09:15:55+00:00| seen| https://t.me/cvedetector/20047...
CVE-2025-0629 Coronavirus (COVID-19) Notice Message <= 1.1.2 - Admin+ Stored XSS
The Coronavirus COVID-19 Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...